{"report_id":"1da389f0-b665-44ad-97b9-6d4c77ffe990","version":6,"status":"done","tags":[],"date":"2026-05-04T13:22:30Z","url":{"schema":"http","addr":"gstwjy.com","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"104.21.28.175","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"title":"Bitcox","dom":{"size":23495,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (16134)","md5":"870f684ba36c20d85cc81dda9fba43be","sha1":"74eb74fdc48ae451796867054ff2d7e0585135c4","sha256":"d9f2ba868e6bee3b3eded14301c0116168626397c6c29439a898021f637a2491","sha512":"ef18fafd9dffdc8a3e207d08bb59c07b15a5659a535607c045d430b1833584ef97a1d402fbdfd2ceda5e410e3750eb0eb2f1db4efb03792ac0be01231fea9f3f","ssdeep":"384:u68ZCxa2+28h8FoFdF7FiF/FmFOlqFmEBKdNLYDm+0mp:uvQxa2DYHBmNyOsmEBKdNLYDm+T","tlshash":"54b2fe317a21007703a796c1e6b1bf1e72d7f31bc01ac5547abda18a2fd3ca5ba69520","dom_hash":"domhasha445f1f3e4d5b2e5175a8745b213fecc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gstwjy.com","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"104.21.28.175","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-08T13:22:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":6,"urlquery":0,"analyzer":5}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:22:14Z","timestamp":1777900934,"ip_dst":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":43212,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:22:14.967130+0000\",\"flow_id\":572315624937463,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":43212,\"dest_ip\":\"47.254.187.165\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echo88.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":753,\"bytes_toclient\":3148,\"start\":\"2026-05-04T13:22:14.923639+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:22:14Z","timestamp":1777900934,"ip_dst":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":43244,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:22:14.969512+0000\",\"flow_id\":391312818182408,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":43244,\"dest_ip\":\"47.254.187.165\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echo88.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":900,\"bytes_toclient\":6993,\"start\":\"2026-05-04T13:22:14.923912+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:22:14Z","timestamp":1777900934,"ip_dst":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":43274,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:22:14.972213+0000\",\"flow_id\":1222968810543660,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":43274,\"dest_ip\":\"47.254.187.165\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echo88.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":900,\"bytes_toclient\":1634,\"start\":\"2026-05-04T13:22:14.924204+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:22:14Z","timestamp":1777900934,"ip_dst":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":43272,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:22:14.975733+0000\",\"flow_id\":138051481639372,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":43272,\"dest_ip\":\"47.254.187.165\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echo88.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":900,\"bytes_toclient\":6993,\"start\":\"2026-05-04T13:22:14.924108+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:22:14Z","timestamp":1777900934,"ip_dst":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":43256,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:22:14.978231+0000\",\"flow_id\":500327678089582,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":43256,\"dest_ip\":\"47.254.187.165\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echo88.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":900,\"bytes_toclient\":1634,\"start\":\"2026-05-04T13:22:14.924014+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-04T13:22:14Z","timestamp":1777900934,"ip_dst":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"ip_src":{"addr":"Client IP","port":43228,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)","source":"{\"timestamp\":\"2026-05-04T13:22:14.980688+0000\",\"flow_id\":1237803627583650,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":43228,\"dest_ip\":\"47.254.187.165\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2052581,\"rev\":1,\"signature\":\"ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_05_14\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"TA_Abused_Service\"],\"updated_at\":[\"2024_05_14\"]}},\"tls\":{\"sni\":\"echo88.oss-accelerate.aliyuncs.com\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"5d79edf64e03689ff559a54e9d9487bc\",\"string\":\"771,49199,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":7,\"bytes_toserver\":753,\"bytes_toclient\":6993,\"start\":\"2026-05-04T13:22:14.923810+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"gstwjy.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":72,"request_count":36,"received_data":3606216,"sent_data":14826,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"echo88.oss-accelerate.aliyuncs.com","ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"domain_registered":"2012-04-01","domain_rank":0,"first_seen":"2026-02-24T15:46:11.814568Z","last_seen":"2026-04-23T15:57:07.569164Z","alert_count":0,"request_count":27,"received_data":182978,"sent_data":12655,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"apiv8.ancenns.com","ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-05","domain_rank":0,"first_seen":"2026-02-24T15:46:11.82457Z","last_seen":"2026-04-23T15:57:07.519777Z","alert_count":39,"request_count":13,"received_data":54902,"sent_data":6648,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-05-03T22:45:14.235278Z","alert_count":0,"request_count":1,"received_data":31542,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gstwjy.com/assets/en-6169ce44.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"55cada4e190449da182532ea29301ee4","sha1":"2800ee14bf4e7d273767f19044ae204da6be74b6","sha256":"9ab1d24551348461e85e174b2bd63d102a31091580816479fa657e6067de7469","sha512":"32db0253b7585344433959693ebfcd8ffeffe0c0a0a0f94a2517a1139d7622de4ed824b9256af3b8c9067b961632d42caf6a763599a24741116a1da16e09afd5","ssdeep":"768:+GtZcEw/o7rKOdAFsifnAMC2rAaAMFVoP6+6sPG9w1mwO6fpk7aOLxf:iponKOdebE2rdFVLsPWwqLxf","tlshash":"6503d6893e1a989a04f3537674ce6e1120f60ac18255881f4fedc9fd93d2b67a363b34","size":40453,"data":"","first_seen":"2026-02-24T15:46:17.959734Z","last_seen":"2026-05-04T13:28:51.856787Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1797b90369a99ff22f1c40b0d94ec9a1","sha1":"aec8ba7bbf7bb80c7a4669d074c61aefb319ecfc","sha256":"e7129c3c36ef7b4a55f09622f14d1a60dd64551f16fd0f7a070edf2c75a13680","sha512":"a578a2dae3c0843433b3aca46d828da3db506e6c048302d6e857b77767968b4cac8e71e6d56dbd81aca28909b96a5f23447544a7a24ac9e3486478aa64b977bd","ssdeep":"","tlshash":"70c08cc4a0c72e001646641018af26e49034402ab0482f568df4d8492e620b08233ed8","size":146,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-05-04T13:28:51.888835Z","times_seen":282,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"4a9d973d1e30085a9546cf6ee49cb488","sha1":"4a80a253e1d2d07b6dede9f69fbd4c2fd3363d20","sha256":"e24c2a1b6b6bdd7e72cf4f795a489b668359a0164e0200e5e6d49fcbb543797a","sha512":"8cb6f53571ce6c05e19a35476bf05b79f1336787b04aeeaf13afa8839dc5584efa86088875fd19d9f6163e6a676accf1a0fa3481475378f6d594b9425b4b4462","ssdeep":"","tlshash":"05c08cc9a0c36d002602641010af38e49024402770881b028ca4d8482e220b08233e98","size":141,"data":"","first_seen":"2023-05-08T19:42:57Z","last_seen":"2026-05-04T13:28:51.895018Z","times_seen":738,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"64b96e9d7c04d3598ab532838c31de71","sha1":"50bf331694a9b804ce6fb6e5a7c50a5d10cda588","sha256":"20c2add6faaa982c624763d066d770a8640fa28a9ffe5bc6fa9128a1793f56aa","sha512":"f152250e0b9799dc010c8f86eea655f3c6afd8b6b899b69ee82b26769c71b7522c318f1a8c5d7d0e2c09e15487b410fbefabffdae3d71ec14da2b4776ef5a9c0","ssdeep":"","tlshash":"a2c08cc4a4c27e10260a651018ff26e89034402770485b428dd4d8492e230f09233e98","size":145,"data":"","first_seen":"2023-07-14T08:52:05Z","last_seen":"2026-05-04T13:28:51.895661Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7de71cd324bb8833f4a138cbcdafa759","sha1":"d7a8122c1483170fa571ec47c62f91c66d662ede","sha256":"62b9d7d992de0ba11591d4ed7c7ab166d886c09ddb4a6b79693795ce836c6003","sha512":"5d42f665549881c48abeb0ee42138dcd1b0f6140e49c3fc6efdfe3657cba54e63218787f0b0d2f12622873799b4ec3a21b9f4f62194f2cc9bda2758dd699a439","ssdeep":"","tlshash":"73c08cdab0d72d006602642110af78e8a0388027b08c9b439cd4d8883ea30b08233fa8","size":151,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-05-04T13:28:51.896326Z","times_seen":320,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f723dfa16c49402d54e55cded0d4291b","sha1":"30b2773f8a00d51e52ef2bbbae252d9e8b8f5268","sha256":"37caab18b0a687038989da325bd60bac5f437209e2912ba311068ffc4c84840a","sha512":"7b0eedb0033c8b868b26e579a5ec25e0e01a841b0c3dba3ef3a58b682fb1207b23de172f83b91ded118e75ebd5f5222ae8456b38d826da8a16e048ddc59436cc","ssdeep":"","tlshash":"5f11affe291a642d6303804e976b7901642250a9400a144177ccab9dbb9ab7dd0cfb8c","size":1048,"data":"","first_seen":"2026-02-24T15:46:17.974125Z","last_seen":"2026-05-04T13:28:51.892749Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-56c8c855.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"03dfb7f83954b8563469a9259e4a6a02","sha1":"1dae5be362855ad7059f9ccdafdc0a549e3bf940","sha256":"1bdbd58741b25990771c4dafc4b429f57f86d52a2e2851ab5279731ecd22b695","sha512":"28e59cc300c6f9a337e5ca09f7d0c84ab5cfba08a4403ac84035c6a8698b6a62dbe9a38d36d8c9a878480b978dd355ace44cd861a86090c7d0d7d9b694999070","ssdeep":"","tlshash":"4801fdf9fc0d8ebb0fa20a4001903600140a1fddfa1419e198877d661be4940d7ce32d","size":776,"data":"","first_seen":"2026-02-24T15:46:17.93483Z","last_seen":"2026-05-04T13:28:51.865249Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/currencyItem-00ae23e7.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"4b43741506c9373afc25ec43fe336257","sha1":"cb030fffa1a13483109ad3094c90c31c3ac2d302","sha256":"739e5f1d3c5442e74cbb7b79ec582a56c7ad6bbaa86477f71db070dfa45ee32b","sha512":"fdf5c1a6a62a8b5d21cca686c4c5dd3ab11463d7d124fedb5db26ea53d68e068d66e2d638539fe3fe790cdc372147ebf9071e147631bd8f704c47c6af94f588f","ssdeep":"","tlshash":"ae21cd9aa912c7b1cbbe906285bd5414131d7bda700185c1efed148a37865fcd728a31","size":1206,"data":"","first_seen":"2026-02-24T15:46:17.907879Z","last_seen":"2026-05-04T13:28:51.833668Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f19a249a3e546a75d19b9d3f75497cdd","sha1":"4fcf8a4234dc76c37cb9415dd3c2d4820fb45a30","sha256":"8f0b9cbdf1999a03131eed312b7dc7ab85a5ddbf696e4805d240a61cdf5066b2","sha512":"7f999eee3d080218db37b9bd7ae6ca464771276ae0eb378b537d24635f5d700aede00359099b8e2197cc4f36e56162a46110fbdb85f213ed5ada51d9875a7402","ssdeep":"","tlshash":"c5c08cc9a2c22d001646641014bf28f4902480277048ab038dd4dc892e620f0823be9c","size":146,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-05-04T13:28:51.906639Z","times_seen":497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"0f40806f855fc503ec7fe0e2cdc6da5f","sha1":"ad59d99993690064ee6565eea713ee4c5260f572","sha256":"954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f","sha512":"7ea9c1cffaf640bc7083f2306a134368aa54ae775230a1f1990c43817594d950ecbf94412ea7ab6262bb8add4715ab6fffe7579f85b0a1c07f6acc4f8207cd9e","ssdeep":"","tlshash":"1fc08cc4a0c2ad001a12649010af24e49034402770481b029c94e8492e220b08237e98","size":137,"data":"","first_seen":"2023-04-13T00:16:19Z","last_seen":"2026-05-04T17:00:22.869913Z","times_seen":5092,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd7a34e714de94d5c29b8ac5acdde24b","sha1":"b722bccb435490630d97ef88cafeb02d92f70fd0","sha256":"312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71","sha512":"a724bc648a508c24e5bb1788e1f02b47030893bbb0b80a99e380d95480095983a35d8ec11193c53f0a67db47a289ab608fcbc9dbca846bfdd5d61a8832290f43","ssdeep":"","tlshash":"58e07d48ff28c7f316ce28ab516e770858d104d58c1b58024cebccc86935ed87291527","size":314,"data":"","first_seen":"2023-03-11T11:23:25Z","last_seen":"2026-05-04T17:08:15.937297Z","times_seen":32950,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"df55055f75e2187c0c3ffd3298e162c2","sha1":"dc0db5a52df96c5c7636f6c0aef602a6ff8d0042","sha256":"34d238e0facf0645b79ceb771e2969c69c252c99e63f22e7fcd3dcfc6d7ba0ff","sha512":"e903ff7edc9a3fe9051dacfd58d309f38e5f7689fa9749821e071171fee8dded977be371a8cfafd49c12a8e2501483f77fa64b0e732c827d0b5c0cca892cd137","ssdeep":"","tlshash":"4fc08cc4a0c33e102656641054bf25e490244027b0481b468cf4d8493e630b08233e98","size":144,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-05-04T13:28:51.893455Z","times_seen":236,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"83678961efc93c088d42dd78bc6ea6dd","sha1":"8007d82eec4894fa2867c628e925f1fcfa443fa3","sha256":"d6045334796ceaf006da578968c4ce319e6d4127c9c36ea88297daf6c6713026","sha512":"cd5e028a3850ceca98e01b30d338a9874404eba5a4d8fce81855dc9f8a6189c9c202e6caf3fe736b10295b4c81a1361a68fda5abeeca58d358c8fdb9c02a282d","ssdeep":"","tlshash":"13c08cc4a0c23e106602681124af24e4a0244027704c6b02cde4d8492ea34b8a233e98","size":147,"data":"","first_seen":"2023-07-28T08:36:26Z","last_seen":"2026-05-04T13:28:51.90458Z","times_seen":624,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ba78027dcfdc9eb09767e4e83301b631","sha1":"1b7e7e0f0922b9165de433222ba8cc4afd0c59b2","sha256":"3de67c074b8692e1861e1c651848411308eb4c90e96f491e9cddc2df529a5da5","sha512":"158882fe08ddcf7bd297cd25a0e7b518789ef98ffa6ba9f14d1b565993ddd00de407f5be64c5c8a819e7a01c4da5887b21ba51f65308cd238c10076951e9e499","ssdeep":"","tlshash":"8ac08cd4a0c62d009646a51116ef36e4a0248026b8486b47cce4ec482e230b08633ea8","size":152,"data":"","first_seen":"2024-01-21T00:00:16Z","last_seen":"2026-05-04T13:28:51.899579Z","times_seen":416,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d98acc1019303c876db914a972334937","sha1":"73807338e5295d0e4a62fbf19a5258d5cc93e72c","sha256":"864aa8328e7915cfbea7a8773cd622fbf24494c9b6019a076bef6e3f795e7d9d","sha512":"77d7c9975e811e66a77b15f141c84b12ae3aa0f991d15d2864c3c3ce082e0da5f4154d93424ae8580ebd93a1c7231752fbf22ef82ce7a01d997287d2d854d1af","ssdeep":"","tlshash":"e6c08cc8a0c32d001a13642210ff34e4d03440a6b44d1f028dd4e8493e624b09333edc","size":150,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-05-04T13:28:51.90597Z","times_seen":490,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5948bc3b90afab1829ab7ee61269f24e","sha1":"517e29a82521418181f702543be8ae74a3bf68b3","sha256":"14fc83a84c91770211dc352186f8e87ddc85e87c2dba0c80a159b45897b9ae2d","sha512":"05c079bbf0389ad341941c3e837aca91dc9aff681cee8da0b4560551ba13e6bbb76b01213af6514e6991e3369062870866a41e67e6d67a37038ddba3ddee7d5f","ssdeep":"","tlshash":"a5c08cc4a0c26d002606691010af24e49028802670485b028c94e8592e264b08233ea8","size":139,"data":"","first_seen":"2023-07-01T13:40:07Z","last_seen":"2026-05-04T13:28:51.897024Z","times_seen":941,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-9b2b8034.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5f8fdf072fe43180ddffbc308015d2e","sha1":"e96648c196c95ae03b959c782f346530afded297","sha256":"f36783879e54a01b666750ae86823d603967fcfda33e5c95caadde850555426a","sha512":"a476fdba2b180eed103b754f6b93df58c14b2660354949eacdb2695c251b40de0bd57ea3f2e5b0742da8395bdb891e48c3dccaa249cac0c772c3254725884b7d","ssdeep":"1536:i3u5Gko+sgdK9HhCIUqfQgKje/QUS0tXmwt/p6V:Gpko+QBUqfQgKje/KOA","tlshash":"e6a36c8e950b0eff5dfd0854b94b995021790fc3988ccc97b37a6e0a37fac94625a718","size":102654,"data":"","first_seen":"2026-02-24T15:46:17.905976Z","last_seen":"2026-05-04T13:28:51.862076Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/vendor-4eab0164.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"2872601a5118aeb6c6f49a5c5910d0c2","sha1":"4c94bcaf275034f208fe706f85335be427afa537","sha256":"b6758cdec9c83aae31d1437a0cb012e8367c55fde26ea2ebcf0ea6d7c64ddd77","sha512":"2f3bff4c24f64bae571ea490992734b7b7d76eba4efe396dbe49ead33e4e0f85ae611bb0cfb3d265a0243539a3bc1378432157d8ebffd4c5bbf0e9805f4ff5e9","ssdeep":"12288:+x7TNZ0226XGoWUe5DH/vIwI1icLmOj6l+I5lvSGiZIKWZAcPyw+ba2Xp:y7TN8ifTe5vIwIQcLm+nrIKWZAK2a25","tlshash":"d9153ac97692f06147ab24e240bb0006f3396e59740e8494f16dd8eb7d69d89e2b7f3c","size":908908,"data":"","first_seen":"2026-02-24T15:46:17.913048Z","last_seen":"2026-05-04T13:28:51.849708Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","size":31169,"data":"","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-05-04T17:06:13.118526Z","times_seen":61300,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-89aece6b.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"265a79c4efd1371c08521a69b7c46372","sha1":"692e41e7a74c683f59eb0da79c30ed0d31fd17ee","sha256":"fe4cc4cbc91539e462eff006cdc414cd3621a7e1170a9ce3ae7e2ad4f6ddfb1b","sha512":"eb0566bff6252b28c7f8250a07c36d5c4fd61b5d2412227c9f4a037dc76b1741535c62e00137abe043d850c7b39465a8f333d357c545cb14e8660d74cf70406c","ssdeep":"","tlshash":"79f0c93f797a81b21bb388e8a1631820a6291b4a2754c494e8870a1097348e3e12e224","size":510,"data":"","first_seen":"2026-02-24T15:46:17.933111Z","last_seen":"2026-05-04T13:28:51.878973Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7746993e8adb9277ba5afa2584910974","sha1":"8e7e6d562fd56f594b40b6657156d483d7426e40","sha256":"833dc15f120cad89d5c0680edae217dbad02010e42af351959607df4170074ee","sha512":"10ee66e22fa45386057f1385e179955ad4fd4d53363c0aebe68aa9ba0547bf409a286e53ab6e678e5d0c3485d6cabcdd359f359c5258160b50a0a5a5496d6e6d","ssdeep":"","tlshash":"39c08cc5a0c22e101646641010bf28e49024402674481b028c98d8482e220b08233e9c","size":140,"data":"","first_seen":"2023-04-13T07:32:13Z","last_seen":"2026-05-04T13:36:01.645177Z","times_seen":3349,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"afd6dadb9533533d8514ac548303e331","sha1":"0b297795e161099658da59b3912482e86732e56d","sha256":"e378d3c8bb137aed4116bdd0c560231896d500f4edbb80088c14fd8fb220c3a9","sha512":"0df2fd8eb6e505ad35fff7e135feb15d50d1ae87d9990d9fa472fb834b7baf48ca73b3e8850042c74584e60de2daa8b9a4a981e5bef460ab48ad5f8ddb5d03e6","ssdeep":"","tlshash":"6cc08cc4a0c22d101602661014bf29e59024802671881b42cc94e8882e220f08233e98","size":140,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-05-04T13:28:51.907419Z","times_seen":806,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d8a0b36a3bb5359d82373fd74ab0a55b","sha1":"109fcd2e9501021577ad657d5701aa40e771b723","sha256":"26b23c11a596c1301030aaa5e72296226d0b2c601ff7b24694d413a401ac9826","sha512":"ebb5fb5d0b9ad70253bc33b31f5fab9fa0efb74a89eefd5b900d6b956970a52ef306b8e62a73b47775339624aef7daf7f4779743b84394f80591c0ea8182f9fe","ssdeep":"","tlshash":"d8c08cc4a0d22d001a02641060af34e49028442670481b028ca4d8482e620b48233e98","size":138,"data":"","first_seen":"2023-06-06T09:30:31Z","last_seen":"2026-05-04T13:28:51.897616Z","times_seen":1236,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"9d379fc52463f2b630c6894900da5180","sha1":"b33fecceae6c1ef97518c6ad7159534d78e7b2f7","sha256":"6c3288c6af4396096b1a8a927fbfaf05ac8cc29658fc97d13cf036ba6bb38ab3","sha512":"49b43b0c253e26c135bd5009d73c537cf2e78342ef6b116ce6efbd3627152ac804449ec5cbe637a544b5557b52a50213a19dfcf33158a4f6b0a8ff91d79372d5","ssdeep":"","tlshash":"61c012c5a0da29102951595424bf28e8a024c026b55c6b169de4dda829e64fcc627d98","size":190,"data":"","first_seen":"2024-07-11T15:08:28Z","last_seen":"2026-05-04T13:28:51.888047Z","times_seen":615,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"94cb806f13187b76d16e8079124171c5","sha1":"be4a8d1cf84b787988d13ce1525597114ffda19f","sha256":"8d842a1f950c7dae6582c415825541111a6556359dc37380452abbb9c426b1d1","sha512":"280cc32cda89db02b4cb60e620a1c175194998afeb2c4bea92194c0c4f335d00a8e35d4c1ca28c2f4201c4654493fc96a581e54175ed4ee4153af805d69c10df","ssdeep":"","tlshash":"62c08cc8a0c32d101603a92020af29e490384027b14c1b038de4d8492ea30b48233ee8","size":149,"data":"","first_seen":"2024-01-05T03:21:28Z","last_seen":"2026-05-04T13:28:51.903868Z","times_seen":329,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"207820ea30e8c69ce04100e8526ac9b2","sha1":"289c2ffded67dd3ddfa4bfbbba56b6f8043610a9","sha256":"1fd71a67efe14f91b321e3f476ef6de1ac2329e77f5720cd37ae6589fb074b69","sha512":"d1237fe7e4dbcbfe699ee7e9b4b30d9963a1919d1451c928aa9af64326dfb7a7d43f8bde094fdd4dab7a65a070422f6904cdea73eaac2fb4225f0bb1c8d6df5e","ssdeep":"","tlshash":"30c08cc5b0c36e10261ba85050ef34e490248027b04c1b038da4e8892e630f08237e98","size":148,"data":"","first_seen":"2024-01-21T00:00:16Z","last_seen":"2026-05-04T13:28:51.905322Z","times_seen":389,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"a4bdcb8203f55c2a0d42fe2daeba7f94","sha1":"28d4fb637c1f7d7cfc979d90f4f388d62eb58a51","sha256":"386fe5926fc7fa712f45c79142ec5390c9082ce14bd96a609004647fb1f4d823","sha512":"09dd6e53cd308472025baff2f600acd0b5be74b4d557bf48d7402cf6147449fa01db100adc90a5ea3930e80b42a5a2a1782265620c3f940cc93f60e873363d5e","ssdeep":"","tlshash":"c6c08cc8a1c33d001602661060bf35e4a0288026714c5b128cd4e8492f230b88237e98","size":145,"data":"","first_seen":"2023-06-06T19:23:28Z","last_seen":"2026-05-04T13:28:51.890128Z","times_seen":663,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/filters-da545321.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"7eec20503ac049c8657ccb54a1bda7b1","sha1":"196b2837df40d0b3461f7aefc4fde9e7772fd1b1","sha256":"8a29d415f8c090efc5c1bd87950a2f65c5534c12d27def4d2985470b0396fc3a","sha512":"72e1575a766847c97b9dd9b121cb8594623a7887cdf3dff324a5694559468b86f90cafe4d8e55e1ec789b7fe49892c5dadc164ad27c5bc98ed3f11b5185747c4","ssdeep":"","tlshash":"665134fdfdd7613356ea6ef940288450728ebe20686e0a49f54bd04659338c8e07f778","size":3102,"data":"","first_seen":"2026-02-24T15:46:17.914553Z","last_seen":"2026-05-04T13:28:51.832397Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-b9c1a9df.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"77cb84b4ed4bb747f8ff6a42d23bcbc7","sha1":"615eda0ae92fdfad9fedcc4da89a39a75a6331be","sha256":"915f9bddc9612d0a749a608d92a37487f430a9937b73787893d05d4130841d84","sha512":"149196ab6e3233abbbc305937bc71628ad533bd1cb2d9b142d02fb0f600cb14a27f0800f43e6db913bb7a7fb71704bc61105133db801d77c40d7f29190062b45","ssdeep":"384:O2zEntAhRxSJUFAFtAfU2ws0K8+YjFuv6kdqHbhdGrPCRJSD:Rs5SWtAfUrH84hdGrPCjA","tlshash":"e152c762f9029a3cf5fbe05140880050b66a7ffb401989a6b9bc6d4f3356eb8f75d718","size":13972,"data":"","first_seen":"2026-02-24T15:46:17.919581Z","last_seen":"2026-05-04T13:28:51.853104Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c1155eee87487f5efe9634a03695b16c","sha1":"2532dae40bd8f2c93a9eb7cbb00bf21e050124b1","sha256":"41c9b4311d7a14bda7da372afb964f0bf08f0823e01617a967aa9eb2554d298b","sha512":"ae1174eea2e3597d1ecd46bea51c7948e05095c00c03cb3670e5b62dd0c14abd26e7c3643fda485610290a4426fa92d0c9d7920303a7bdbc659f735313f2ea48","ssdeep":"","tlshash":"28c08cc4b1d22e106606641010af36e490298426b08c1b028ca8e8892e260b08237fec","size":148,"data":"","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-05-04T13:28:51.892032Z","times_seen":396,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"361e9d9b886c9f2b98f57c626c09b9d8","sha1":"01032a33013459a8de015112421c1a9e467f5d44","sha256":"b96071e372b614f6406f0b01ed200e24be43c5c21eac83934e41d7dd6f70ec38","sha512":"c3dc60f09e32481fa8a331627b2cd7911592847e3e0e82721694d14205de941a15ef18259c871c5957195b1ca8b3b63a8109390863f3f8d48e5e8a7d3f8b02dc","ssdeep":"","tlshash":"8bc08cc4a0c22e102602641010bf38e49024402774881b028cd4d8482e230b08233edc","size":140,"data":"","first_seen":"2023-12-19T15:12:13Z","last_seen":"2026-05-04T13:28:51.89428Z","times_seen":494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"528dd01eb509d1fc3c68b48e165c9d77","sha1":"8d702f33d869eb8c53cf75c17014f96385322395","sha256":"b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a","sha512":"4c1edeec560f431005363ff5291acc80c1c42edf7c9a6d6e4fde2f7539b6a35a8e36f0bc228503263277bf5df4525dc579575faadca614c32e5dfa885a2d343b","ssdeep":"","tlshash":"78a012bb71b851710cd51ba7a40455e01c20123105052c101c8d5151c011c171d394c0","size":84,"data":"","first_seen":"2023-04-07T06:55:59Z","last_seen":"2026-05-04T17:08:15.939048Z","times_seen":36128,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/charting_library/charting_library.min.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8573e89d9ec535663d75f21b1f08109c","sha1":"a8d9eea0b157ceeffc38d4254e6f6abc9d697d10","sha256":"cb0c6c9f1771d252eee7caa043bdd7cfffbd52c2cc4b18b7be7c4554ed069151","sha512":"55d728fa1e0682725f94b17387c6790792d3d34b43652a00097876118575bd6cefa20916d80674519005d72f20ecbb745e9645516c056e6f9bb6691d5efbcb33","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffam:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvu","tlshash":"6e224f58ed2478720acb54f0427f180f8239e278d84944ed3cc4e6ec59fd44a6a6fbb8","size":10858,"data":"","first_seen":"2023-08-16T00:37:19Z","last_seen":"2026-05-04T13:28:51.864657Z","times_seen":479,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"4188cedaabce1bd7a5db004036b8aba1","sha1":"d3e4b5d9583e2307477fc23941503b2e32cddd02","sha256":"1f3da1cac476f928aa10bfdb8136e388b588e3f8ea75292492b26f59fe81c062","sha512":"afd668d5644ed5becc489b7a6a62515fcc722353a5ec66c4b83bbff327e586ebc090bb90022100e98c8043cb5bdea395301647f1c245331739587fe3d012b88c","ssdeep":"","tlshash":"ecf08bd234e46840e3321a7610e83c5ca280b336c4e6023674b44c690fbee364524db6","size":559,"data":"","first_seen":"2026-02-24T15:46:17.998079Z","last_seen":"2026-05-04T13:28:51.898905Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-66d52477.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"efb3eb8b97e2aefe436f931b2f07f045","sha1":"a2d7f83e33bdb2d7691eaeed2dbd0ae24501dfb7","sha256":"06585c777303267974c08306e42c0c1ca5023716322b5071afba307261acec95","sha512":"a5cada7693c6534bf5d0470dce5556b45ca38cafd5312ac76dfcec6340d9124180c814c60142439fd047d2e9deb1bd1b480c907f07f16f245e29f099e0d76976","ssdeep":"96:H7IX0vfp9YqqD+wS2EzGMyy0b1ai6Ble3hvJTe3X9NthejA:bm0vf7YqqiwSfey0bYLGhvJaXfsA","tlshash":"a8a1c899f80286bbe9771440084c041021adbbfaf21548f2fbfead4a67b5979d354722","size":4662,"data":"","first_seen":"2026-02-24T15:46:17.896935Z","last_seen":"2026-05-04T13:28:51.858425Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c0e88513b499aae066f13f6f0edfedab","sha1":"12fd9320e7be26e9257e2a1a39a698a5e2706292","sha256":"3ffd5a1fea533c35c122aeb0a36f3d4a37022e0a14c83167faeaa819b3ee8cfd","sha512":"36b57e74aa71e21ec5489637f206796e8b9097db32c59e4ffbbdd7eb11ce35c2f754178f996bd6e11abc560cdddd3af7cde3fc1847c1a455120b5c26ee4fb838","ssdeep":"","tlshash":"17c08cc8b0c6ad001602e45111bf25e4a024802770481b128d98e8483e220f48233e9c","size":139,"data":"","first_seen":"2023-08-29T11:10:58Z","last_seen":"2026-05-04T13:28:51.901594Z","times_seen":828,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ad53bdca95253da3ed0339a52f219d8e","sha1":"1acba9622b6c70c03ce56310becd1d72226538e4","sha256":"3fecdc9cf7339d52588891d5d7b0c4b4ebfd82fe813b141fd5b81fdc70694f81","sha512":"d2bf6f0a88bbc044c6aab45f1f8795b3aafcf709a0a2b294f27062c0c34e1f34ec3964286f776c55a40a412cdf01c2ace59fdf7981fd69c6d8a63a6791ff8d3e","ssdeep":"","tlshash":"61c08cc4a0c22d001a02645014bf24e4a024802770481b02dcd8d8483e220b08233e98","size":137,"data":"","first_seen":"2023-05-08T20:49:31Z","last_seen":"2026-05-04T13:28:51.902342Z","times_seen":896,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/#/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"f2f5a4f08c8536ee9b64126b563cd62c","sha1":"15d57cd315463221c807ad74b0e19578dd90f7a5","sha256":"1fce7bdbc1acea81dde9287f6971529e3cc024b01b1ebcd537ce4f16e064b760","sha512":"204e680610bbc982bcb79334b0acd7f7f3c101fcd0b0d384925c0d0f1dbb4fb222d259d164c7cf5a339887dc471086b3dcb2ca246f6af92c95526c91a4ac0427","ssdeep":"","tlshash":"48c08cd8a1cb6d005682b41459bf3ae4a0344027745cab139ce4dc682e230b48233e9c","size":158,"data":"","first_seen":"2024-01-21T00:00:16Z","last_seen":"2026-05-04T13:28:51.90032Z","times_seen":413,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gstwjy.com/assets/filters-da545321.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/filters-da545321.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-c1e\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cUOtehH10vGw7N0Hj6lagnoHP4b%2BEPYkVYopDHyRFsAuwqEsNveMTf8UNTGsjV%2FsjDBXOUlSfXEvJzgWgp%2FtLRv1X4P2roWzLIx67qwJS79nxWyj4aa4roF2aOGv\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01bad1a568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3102,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3101)","md5":"7eec20503ac049c8657ccb54a1bda7b1","sha1":"196b2837df40d0b3461f7aefc4fde9e7772fd1b1","sha256":"8a29d415f8c090efc5c1bd87950a2f65c5534c12d27def4d2985470b0396fc3a","sha512":"72e1575a766847c97b9dd9b121cb8594623a7887cdf3dff324a5694559468b86f90cafe4d8e55e1ec789b7fe49892c5dadc164ad27c5bc98ed3f11b5185747c4","ssdeep":"","tlshash":"665134fdfdd7613356ea6ef940288450728ebe20686e0a49f54bd04659338c8e07f778","first_seen":"2026-02-24T15:46:17.914553Z","last_seen":"2026-05-04T13:28:51.832397Z","times_seen":7,"resource_available":true,"data":null}},"time_used":591,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/platform/dev/favicon.ico?2.0.1764987877129","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /platform/dev/favicon.ico?2.0.1764987877129 HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kqMJPudKjKxaaQSKvHjJ1b2N%2BtwVsWUCwfLX1PUFCkWjjIo2aeDSoeq1cn%2BSYVnblpGxdhoU4S2iiWApnw%2FC6OS9Se5FpXIEbz9QWSfXveBtTwwEm5XszrwmLL1Q\"}]}\r\netag: W/\"69339390-10be\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d0211b91568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"52fcbdc9b89c76570a1246925d321d0d","sha1":"3f50dd9c170be3d69730f9060d26c40c72bb9d96","sha256":"973c5a83c751f168437e3b261dbd6e939123a9908a711cbed65f18d74696a62d","sha512":"c070c3d1805d341a50bdf930c4fd272b83fe40b7f2f5fa873fc7c46c5cdfb867efa265a29b6d190f393c342edd7079d7181fadc8904d7c6b9b67aee9d3dafb6f","ssdeep":"96:fulu06nYkKiOeP1wl7tU3GLtIJyoAbdDes1:BYgF1K7tU2LtIwoEdDR1","tlshash":"c391debd5deea63cc201467128910264f6f2cf207afb2b0994f7f68dd92d40a532c9a5","first_seen":"2024-12-28T13:26:38.876326Z","last_seen":"2026-05-04T13:28:51.886391Z","times_seen":86,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88085969b2b01c49599f569898347453d9.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88085969b2b01c49599f569898347453d9.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3909\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87BE2E677391C2A9CC\r\nAccept-Ranges: bytes\r\nETag: \"11263F178BE6B4A892A3B2EB723D465A\"\r\nLast-Modified: Sat, 16 Aug 2025 09:32:45 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2144243478978614821\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ESY/F4vmtKiSo7Lrcj1GWg==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3909,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"11263f178be6b4a892a3b2eb723d465a","sha1":"877216937b3f2050fd84b958e52f934ec6f5b1a7","sha256":"f4905831442e6ebd69d141564c78a092b769655f177fdf74c76781c545f12d50","sha512":"9d191afea27c7d84b98b53c3a864975524e3be71c5a4f2276cb8bd285c964bde16372e71691c5fb6e4a53e7765be67cb0da3ec0dd762e80d586df40bb50e22f8","ssdeep":"","tlshash":"94816df58e68ed817061c3bcd258e51e567a38d2cad1831ec5af16a837c1c2c43c255b","first_seen":"2026-02-24T15:46:17.927641Z","last_seen":"2026-05-04T13:28:51.851391Z","times_seen":7,"resource_available":false,"data":null}},"time_used":3603,"timings":{"blocked":1691,"dns":1555,"connect":20,"send":0,"wait":220,"receive":0,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com//echo88ea151c3c52054eb1913069ce65d7f633.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET //echo88ea151c3c52054eb1913069ce65d7f633.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 8498\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D8777936D43C57C33E0\r\nAccept-Ranges: bytes\r\nETag: \"6BD985F2AD6C1B4A8F48BC0D481268CC\"\r\nLast-Modified: Sat, 16 Aug 2025 09:34:48 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1413891857299849453\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: a9mF8q1sG0qPSLwNSBJozA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":8498,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"6bd985f2ad6c1b4a8f48bc0d481268cc","sha1":"ef9e04fff06586250d3fdac2918ea0f9c1980e0d","sha256":"c5e48fe61cf201084e20c7786443d9576b890e2225b23f042f1cb8cd293ea9e9","sha512":"45190cffacc8384f6292a5c4a327eaeeb4e971d29632e895c4266b534895308ebdd130e9763132c1dafd538c7501a3a5e729c3459b6c8136765c6ab5c33805ad","ssdeep":"192:Dw1FjfCEmBUBQQ/vxUkIZG8jH4s4OuUZNAdE4hfIEaUTmKiRejsx:8/GviBQ8aruQNAq4FUu1vG","tlshash":"1702cff413fd0c76fecec15cb8ea641920c6626265461763a224c9b2fe5f2991f064f7","first_seen":"2026-02-24T15:46:17.947894Z","last_seen":"2026-05-04T13:28:51.874083Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2043,"timings":{"blocked":1842,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com//echo88b0aa78caff094193bc78c393c262240f.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET //echo88b0aa78caff094193bc78c393c262240f.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2716\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D875378B0F98277EE84\r\nAccept-Ranges: bytes\r\nETag: \"9C227D86C35100ABFEA5D29D9F4EAC95\"\r\nLast-Modified: Sat, 16 Aug 2025 09:35:11 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4238531254140200766\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: nCJ9hsNRAKv+pdKdn06slQ==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2716,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"9c227d86c35100abfea5d29d9f4eac95","sha1":"d5dda60d1036988c9456157628c7efc6a1ac52c3","sha256":"3ef9c2353ce040ccffa8503dd5585686b592463c1a8f008775a7157daac44d81","sha512":"5591e3faced0450f3ff7d2bcd79d2d5269ea43d0cf40ecca5838205d14ac38c6db8013322073c689b7eb1c0da29a307f0a563573a63748b6295c024a0fc3691c","ssdeep":"","tlshash":"74515ba72bcfbb0db5c2619af596498664b2003c7d9805efc4c07ab26c61c7899b2147","first_seen":"2026-02-24T15:46:17.91126Z","last_seen":"2026-05-04T13:28:51.861354Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2279,"timings":{"blocked":2030,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com//echo881dbd3a038254423c8a51358e77eb4c8a.jpg?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET //echo881dbd3a038254423c8a51358e77eb4c8a.jpg?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4362\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87F53B5CEB6EA74679\r\nAccept-Ranges: bytes\r\nETag: \"9BC753BF5CEFFEFD0525F71FDF135997\"\r\nLast-Modified: Fri, 05 Sep 2025 15:49:05 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6999430763340143710\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: m8dTv1zv/v0FJfcf3xNZlw==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4362,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced","md5":"9bc753bf5ceffefd0525f71fdf135997","sha1":"94e176865810face403de246b55c79951427262c","sha256":"e28bdb03e92476f6168810ac60cdaa0db42d300582a4efdef5610ae4eefc6983","sha512":"4c312139feead139998a0c85a2f7387afbdaecb5246b6d6e7aa07a43a68ec814ad020e545bb4eee14684e4585bf85f645ff6156c4c55ba3a1370d2c1a7d1f499","ssdeep":"96:D4wspZ0xlQvg4FrT0/KyCf2PJrjuW/OwrlGZAsk:8cxlQoSU/KReBvowrOq","tlshash":"ef918e4b8264c5ad546c36d095765ae8ce6fb5454a8133fe39e3a4593a4c5b3d098330","first_seen":"2026-02-24T15:46:17.917126Z","last_seen":"2026-05-04T13:28:51.871666Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2269,"timings":{"blocked":2076,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/resource/svg/light/user.svg?2.0.1764987877129","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /resource/svg/light/user.svg?2.0.1764987877129 HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:14 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2e27XTDxtmWFHOdSEdjeSmBMuR3pr%2FyP%2BPQIAjW%2FTbobxOv5KbGynX8%2BzqxG5aZTtPTZy734TUOy7m3ur2DE2HAHByrlk%2FsfNAnpS%2B%2BobXq9BIvyLJMteaMiUr0%2F\"}]}\r\netag: W/\"69339392-227\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d0217c5a568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":551,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cbadb23520ecde3a8d7488fc19e95980","sha1":"b10897e06fe244e246e8542b0d1b6d695317576c","sha256":"7217fe0095fa190b95295278d273242aafd0ce4944095f55a3a2a6554d428e46","sha512":"9223a7055472f242d2a4494d80c4c546578663054b494dfd7d3c668157c598c91d6a5e9cfcb1835746b16b02abda7dd674a57b7313011f2a961a87e0cf68a3a9","ssdeep":"","tlshash":"70f04cf7501c949950014550c9de3a85973df133a3468d5eb3a208e68a1454b217c555","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-05-04T13:30:53.658979Z","times_seen":327,"resource_available":false,"data":null}},"time_used":674,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":674,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo8802982cd598aa458a861303064ed4b870.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo8802982cd598aa458a861303064ed4b870.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3044\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87F79DD6F2E67CD718\r\nAccept-Ranges: bytes\r\nETag: \"BAA715E692B793B36219AAF550B338DB\"\r\nLast-Modified: Sat, 16 Aug 2025 09:33:36 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14417068645357140330\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: uqcV5pK3k7NiGar1ULM42w==\r\nx-oss-server-time: 5\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3044,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"baa715e692b793b36219aaf550b338db","sha1":"9546d927404c12cfbd1d7fe2ae415f5b3e5cde76","sha256":"24deffec6d3d068beb2554141c62a76be7a8e786cdf47a7517a88e4d532f8832","sha512":"dab421f18e9c377566facb85430249c3f182bf55b395f415897cc1824e1f556aa07c324c4381c7da6e83a5e69316547ac69beb290033dd4e870dc7d540269c26","ssdeep":"","tlshash":"ce51083e129c624e106d64bcc4a7a8248c3f7bdda7b4112e00757e9b99909be37e05e3","first_seen":"2026-02-24T15:46:17.967751Z","last_seen":"2026-05-04T13:28:51.884176Z","times_seen":7,"resource_available":false,"data":null}},"time_used":3559,"timings":{"blocked":1664,"dns":1535,"connect":25,"send":0,"wait":222,"receive":0,"ssl":103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo885ce688a3130a4a82bb1a1515efdb91d3.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo885ce688a3130a4a82bb1a1515efdb91d3.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2916\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D8740D002585B8F8C0F\r\nAccept-Ranges: bytes\r\nETag: \"18547F516D7B2EEC348C89D7FD13EF4C\"\r\nLast-Modified: Sat, 16 Aug 2025 09:33:46 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17799012094804007846\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: GFR/UW17Luw0jInX/RPvTA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2916,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"18547f516d7b2eec348c89d7fd13ef4c","sha1":"425a85cef266dae1c10dabac913acb75d2cb26af","sha256":"40630a5fb94670dac61f1ffb07671d755ffb4e21986c7ee8b2d52ca1d431125c","sha512":"5dba186d924c1eab556d08e4b51dfb85313d7b9bb7c259e51fd7de18708c67e98824306262a2b5e056c23ad5863336844b3f4463e0f998be709d61495ad2782a","ssdeep":"","tlshash":"93514bbf9780afbd2a00144ea54e25a184d5bb1cb7f21e3886d6e1a71ece11c18d096a","first_seen":"2026-02-24T15:46:17.969428Z","last_seen":"2026-05-04T13:28:51.853878Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2086,"timings":{"blocked":1855,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/resource/svg/light/zu29.svg?2.0.1764987877129","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /resource/svg/light/zu29.svg?2.0.1764987877129 HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:14 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bx%2BqKHWxxKXxtCNDrkk3gh2OQ4LLNDrTDkftPaoUeuIVToXGah%2BRxhTykNuK5tqN%2FfUsjTWzhNKfHnd7SIhuWSoNXurL8hZMBkJ4olskO7HPCDi9%2BWGI%2B1fmULYb\"}]}\r\netag: W/\"69339392-348\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d021ccc8568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":840,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a11daaf1382f31c1a57202739adf7748","sha1":"ef2b1485dde5d0c14809b2759acbd9a09c18af80","sha256":"9ae3a8a520a4491119fa30d193bc35d15d8a12cc1b62136ce1e89b3db3e71251","sha512":"9b8089fa1eca241be91a837da97c88ab917a50336f820d1d855343b9f8a86d63692bfd4ea3b22d408f748e47580107339b789bc9f4d243379a093b5348dad640","ssdeep":"","tlshash":"280112bf4736a3fdd6644a80aad42799343de042e17404ecb3817e177e2062a0abcd95","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-05-04T13:28:51.85969Z","times_seen":311,"resource_available":false,"data":null}},"time_used":627,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":627,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88aa9abde329cf4a7dbb2362fae9b052b2.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88aa9abde329cf4a7dbb2362fae9b052b2.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3750\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D8733781B7CB99528E9\r\nAccept-Ranges: bytes\r\nETag: \"55FD3682E594B129B0EF2B3D7228DAB0\"\r\nLast-Modified: Sat, 16 Aug 2025 09:32:04 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9690721374167720032\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Vf02guWUsSmw7ys9cijasA==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3750,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"55fd3682e594b129b0ef2b3d7228dab0","sha1":"94a2fbf66e99bc18c9d50307a3ee90b2033057a2","sha256":"bed0aa73fde931ade74f19faf29dd9de67c132a1800a0909c3e8d5679cda79ff","sha512":"11c248f9f6955e37d929c8b8daf8670d94cfae0ce1dfaefb59c6c4c9434e65b13f81ad8c47930504e3a802e6c814c6411e202b7c7652bc473fbbb4d6f399198a","ssdeep":"","tlshash":"40715bcc48509a7ef4cce9462932ba7c60ee6881d8886149ea61d0962613477fb3c43f","first_seen":"2026-02-24T15:46:17.939117Z","last_seen":"2026-05-04T13:28:51.852237Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2461,"timings":{"blocked":2240,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/notice/list?key=ROLL_NOTICE","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"POST /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=18lc%2B7kwFRa2W63QSuvUNfTGTbGdTqWH9EY9BMirrwOgQdnkvEjimpaSV45YgD7p%2F9WFjQDX0VXDsEfzbzsNhYttJKkZtGL9T%2FoScUQtda3eX9W6ZXxjifL55kofIrhNzzUeiQ%3D%3D\"}]}\r\ncf-ray: 9f67d023ab93568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":511,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"dfc5cd7ed5f2d5460c776a8cba642a15","sha1":"446716aae29f20e0eaed504bf98fd63de807839e","sha256":"c33a7431605f1c8fc71b7d35ea0f77aeb9d0d5ae5828fb91a2d3f2c09b78ebfb","sha512":"56f859da0be764971856888cce3a076aeb8df5c0a14e2a373805142b75a82aecfa59b4f085bdf593c8abc3745ac1bfb21569c01f3eff4892e0a9da430b6fa110","ssdeep":"","tlshash":"e9f0e24e05388e7a580644c715c8bdcd626e1687d6a0cd348a5bcf1c82f56ba1a1ba48","first_seen":"2026-02-24T15:46:17.956479Z","last_seen":"2026-05-04T13:28:51.879657Z","times_seen":7,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo885e9d811a42b147689d9d6e1fa446cd5c.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo885e9d811a42b147689d9d6e1fa446cd5c.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3948\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87F53B5CEB6EA745C9\r\nAccept-Ranges: bytes\r\nETag: \"F650873AD732A82C28984466BA1E0CDC\"\r\nLast-Modified: Sat, 16 Aug 2025 09:33:18 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5922200930997596718\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 9lCHOtcyqCwomERmuh4M3A==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3948,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f650873ad732a82c28984466ba1e0cdc","sha1":"cc45de965fdd55dbf7f7564679c2927fc77de559","sha256":"39b36a68fabadbdba2d4af4b82adb2df26a217aea508a535bc8645e35e167047","sha512":"c63523179b42ac63d5652bdc1c0bd080843022a2e40d3a021bca4ff7c5c50b7e72f06ca827ef547c6c32683d30afdbb492b022a4d7fbe051c0475f0bd9fcea9a","ssdeep":"","tlshash":"41815d17d29372565738b9ffc527e1e1ea10905393534402bbf01c6fa20eeeb86d10e4","first_seen":"2026-02-24T15:46:17.946595Z","last_seen":"2026-05-04T13:28:51.86592Z","times_seen":7,"resource_available":false,"data":null}},"time_used":3583,"timings":{"blocked":1679,"dns":1548,"connect":22,"send":0,"wait":219,"receive":0,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88bec5c2a30a134025b911069049380ff8.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88bec5c2a30a134025b911069049380ff8.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4357\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D8733781B7CB99527DD\r\nAccept-Ranges: bytes\r\nETag: \"4863FF0EDBC9820D101735D3E13D3D9D\"\r\nLast-Modified: Sat, 16 Aug 2025 09:33:54 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12352166826643643394\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: SGP/DtvJgg0QFzXT4T09nQ==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4357,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"4863ff0edbc9820d101735d3e13d3d9d","sha1":"92b492705d63df7960a5e1ab7e4e896fcdc1f2c7","sha256":"74c18fd68d5d3eaa478a24cad33c0b1e5e6378b64d2225f65b9681c12ea1a49a","sha512":"0d33eab90789bffdc433cda76e86ca19e4bbafa4c89e0f55177593db95a6b12be1dac2c424e216eef2457e27471b4fe180238df3a0e7bcbce41da9285e5d0acd","ssdeep":"96:fGFY+z2G2SPyA7FwYKmv/jJrskDW2EE2Pw4RkPGrOp68Awiz:fOl2SpxJv/jG1i2RM4A68A/z","tlshash":"4d917ee65640c74eb9d3f52a641d5843d0a104f915ac344dc80717e46d88c45a8effab","first_seen":"2026-02-24T15:46:17.960999Z","last_seen":"2026-05-04T13:28:51.848889Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2077,"timings":{"blocked":1854,"dns":0,"connect":0,"send":0,"wait":222,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/resource/svg/light/mengbanzu12.svg?2.0.1764987877129","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /resource/svg/light/mengbanzu12.svg?2.0.1764987877129 HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BiS7k6jLKZAtkruOQr9yOYNnIoK0gPxIoPqGRaiPSSJGnSSZSrgX0CgKL24xp3I0jbrJ0M%2Fz3Lo%2FdxArbipto2SeUjlmka871UYIL8Rnirv9iJXH1Pup%2FutqQqSV\"}]}\r\netag: W/\"69339392-322\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d021ccbe568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":802,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"184d38c97adf35302491834eaf17aee3","sha1":"a21f6508e3eb8b4bf52a510ac9dd219783f561bc","sha256":"5cdcdf5fb66c61d69b6c308a4569e093ff7b0e178fbb1c7d94a599473339bf99","sha512":"a88827fe8f336cb9f4de9cbaade38ff0026d003f03cc096dc443724052a51c417432d1b96b7006e21c49498791fac31678492626f5643eb09d5b94b32afdb9f0","ssdeep":"","tlshash":"d201f6764321c19dd2538b80c7d93f44927eb65bb2d00448b3a32aa74e34f7f55bc595","first_seen":"2024-07-24T17:37:44Z","last_seen":"2026-05-04T13:28:51.835151Z","times_seen":339,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vpUUrc8esZ%2FqRCfbUfForbNqCmkgx%2F2Bm2t6f4s0%2FHwOT2yFjkOy1OgmJXKRmwrz7ejRWeNlaTeLJLQwpuJR1LT3i6JMZvXpzMnKXEGAsp1Pvrm%2BDU9WnhnAX5d7xgoolVYllQ%3D%3D\"}]}\r\ncf-ray: 9f67d02268fd56a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/vendor-4eab0164.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/vendor-4eab0164.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-dde6c\"\r\nexpires: Tue, 05 May 2026 01:22:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 1\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uZ3qzR%2FgwvoSaq7%2BMpdYfmm9dvcJkwuyRNs454p1j6OmL2VFohPh%2BkJ8e1pUnULnoBEezKa4MpzZHU3PAc%2BBmFuWO9Dn7%2BF4idaKGY1KTHmo1svtJLRujPeBhXPy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01afc27568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":908908,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2872601a5118aeb6c6f49a5c5910d0c2","sha1":"4c94bcaf275034f208fe706f85335be427afa537","sha256":"b6758cdec9c83aae31d1437a0cb012e8367c55fde26ea2ebcf0ea6d7c64ddd77","sha512":"2f3bff4c24f64bae571ea490992734b7b7d76eba4efe396dbe49ead33e4e0f85ae611bb0cfb3d265a0243539a3bc1378432157d8ebffd4c5bbf0e9805f4ff5e9","ssdeep":"12288:+x7TNZ0226XGoWUe5DH/vIwI1icLmOj6l+I5lvSGiZIKWZAcPyw+ba2Xp:y7TN8ifTe5vIwIQcLm+nrIKWZAK2a25","tlshash":"d9153ac97692f06147ab24e240bb0006f3396e59740e8494f16dd8eb7d69d89e2b7f3c","first_seen":"2026-02-24T15:46:17.913048Z","last_seen":"2026-05-04T13:28:51.849708Z","times_seen":7,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":7,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"apiv8.ancenns.com/ws/a9d62a70-527c-4df0-a2da-35c00e6d1961","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"GET /ws/a9d62a70-527c-4df0-a2da-35c00e6d1961 HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://gstwjy.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: fZdznpKCKic40cZbl6rr4Q==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 \r\nDate: Mon, 04 May 2026 13:22:12 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: https://gstwjy.com\r\nAccess-Control-Allow-Credentials: true\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: ZzkDAVwoKfZd0x3Hu8Y2a5EZMCE=\r\nSec-WebSocket-Extensions: permessage-deflate\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=zmC0CgoqY9Dd2o9DCco4Up3BG6KIvru7dLi14Qdpcekb4TTgDKRviJPsb13eIBk95DpVHm%2F82Bt8BuqS1kK8CirH%2F0n1vXDJRDqL6Wlyb6Vq1Vo8IhEEhJh7Phy8NE9mhCg%2BvA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9f67d01bee05b4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=589\u0026min_rtt=542\u0026rtt_var=188\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3111\u0026recv_bytes=1193\u0026delivery_rate=6144271\u0026cwnd=53\u0026unsent_bytes=0\u0026cid=37af10a64a172571\u0026ts=501\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":621,"timings":{"blocked":1,"dns":60,"connect":49,"send":0,"wait":481,"receive":7,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-b9c1a9df.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-b9c1a9df.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-3694\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=19c51s%2BqZ5sa%2F5WqnIpVagn8dwt2XhQzqxDLJYsM82GBHj4rdwemBPDY6wdJx0gcr4OHRRdhlcm7EzAJKJBCnCt7h5NK4gPByQtbZpugPIaAYbZlZ8HFjJz44N1%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01fc9d7568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13972,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (13971)","md5":"77cb84b4ed4bb747f8ff6a42d23bcbc7","sha1":"615eda0ae92fdfad9fedcc4da89a39a75a6331be","sha256":"915f9bddc9612d0a749a608d92a37487f430a9937b73787893d05d4130841d84","sha512":"149196ab6e3233abbbc305937bc71628ad533bd1cb2d9b142d02fb0f600cb14a27f0800f43e6db913bb7a7fb71704bc61105133db801d77c40d7f29190062b45","ssdeep":"384:O2zEntAhRxSJUFAFtAfU2ws0K8+YjFuv6kdqHbhdGrPCRJSD:Rs5SWtAfUrH84hdGrPCjA","tlshash":"e152c762f9029a3cf5fbe05140880050b66a7ffb401989a6b9bc6d4f3356eb8f75d718","first_seen":"2026-02-24T15:46:17.919581Z","last_seen":"2026-05-04T13:28:51.853104Z","times_seen":7,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/currencyItem-00ae23e7.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/currencyItem-00ae23e7.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-4b6\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kQH65x9bs%2BecDfCdVuLBuMPu3OGyQvmsQ%2Bbd0aag7j%2B2NqVeDovh0r4%2F5Boz0peZ1GV6wqsNY6ruD5hYMnnXjn4iGnMfJvMjWd3ybu0aOVbvatTlxAfYacE2LHdq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01fea0d568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1205)","md5":"4b43741506c9373afc25ec43fe336257","sha1":"cb030fffa1a13483109ad3094c90c31c3ac2d302","sha256":"739e5f1d3c5442e74cbb7b79ec582a56c7ad6bbaa86477f71db070dfa45ee32b","sha512":"fdf5c1a6a62a8b5d21cca686c4c5dd3ab11463d7d124fedb5db26ea53d68e068d66e2d638539fe3fe790cdc372147ebf9071e147631bd8f704c47c6af94f588f","ssdeep":"","tlshash":"ae21cd9aa912c7b1cbbe906285bd5414131d7bda700185c1efed148a37865fcd728a31","first_seen":"2026-02-24T15:46:17.907879Z","last_seen":"2026-05-04T13:28:51.833668Z","times_seen":7,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com//echo88855798488665406ebd4a7c2d77d1a406.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET //echo88855798488665406ebd4a7c2d77d1a406.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6640\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D875943078139B9113A\r\nAccept-Ranges: bytes\r\nETag: \"E3668971F1A3DDDDD39EAF45A7B0D098\"\r\nLast-Modified: Sat, 16 Aug 2025 09:36:18 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 675559493456488276\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 42aJcfGj3d3Tnq9Fp7DQmA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6640,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"e3668971f1a3ddddd39eaf45a7b0d098","sha1":"0d757e471901ec3e87fe8024718c934f5d81bb7e","sha256":"8bcf46306787c960465929f81236a881707adb4b6daca38d615aa8774f9514e0","sha512":"1da52abe826e3950ff3511defc94aa8611db1fcd113fdd55c5a3386753d344575d8802f78375b1478e0e30bd39e29cc34926dc3c943c3550f09c5d2ea8885347","ssdeep":"96:LGJol8ImiS3Z9YaN9NOy+WDyR/s2Bie9pd+tcHtWUsvPvFL8k2j1OA:ABIN62aTNx+WDyRzFdSSCdLf+1h","tlshash":"3dd1bf5bd8426de2dc83338e86e0901c457d50d891f68bfb2d4c6e25a60a81d2ab3208","first_seen":"2026-02-24T15:46:17.953691Z","last_seen":"2026-05-04T13:28:51.884952Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2266,"timings":{"blocked":2045,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88d63050af0fcf4f41b626d0718817db2d.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88d63050af0fcf4f41b626d0718817db2d.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3750\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D8877936D43C57C34E1\r\nAccept-Ranges: bytes\r\nETag: \"55FD3682E594B129B0EF2B3D7228DAB0\"\r\nLast-Modified: Sat, 16 Aug 2025 09:32:06 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 9690721374167720032\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Vf02guWUsSmw7ys9cijasA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3750,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"55fd3682e594b129b0ef2b3d7228dab0","sha1":"94a2fbf66e99bc18c9d50307a3ee90b2033057a2","sha256":"bed0aa73fde931ade74f19faf29dd9de67c132a1800a0909c3e8d5679cda79ff","sha512":"11c248f9f6955e37d929c8b8daf8670d94cfae0ce1dfaefb59c6c4c9434e65b13f81ad8c47930504e3a802e6c814c6411e202b7c7652bc473fbbb4d6f399198a","ssdeep":"","tlshash":"40715bcc48509a7ef4cce9462932ba7c60ee6881d8886149ea61d0962613477fb3c43f","first_seen":"2026-02-24T15:46:17.939117Z","last_seen":"2026-05-04T13:28:51.852237Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2675,"timings":{"blocked":2452,"dns":0,"connect":0,"send":0,"wait":222,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/common/getAllSetting","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ogwiwtwELr88hZF%2BGvWT8T%2FC2OFiBUqy58DX5dM9qiJs%2Bks9Jwr3qveI9VjK7%2FJ0SmZWdVmCFtoJX3xCqNcttKFlroFxRVxiO%2FnIv2PHQd2F0E5vZpb7rMKRCjf042U%2F0Sw%2FiQ%3D%3D\"}]}\r\ncf-ray: 9f67d022690156a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":424,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":424,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/charting_library/charting_library.min.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:09.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /charting_library/charting_library.min.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:10 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69339390-2a6a\"\r\nexpires: Tue, 05 May 2026 01:22:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9EVBmyqBmSmKajm0SPv4WVrP%2Ber7JWLWBa0Q%2BoPS8QP9Hl0pArAuR4imKasDSOUXC6J1b5JXMcZLrZNMmOQca3anYJTbIXBAuYz7eKtybc9M1ts0lTsxKGTrbe9O\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d00b689a568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10858,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10857)","md5":"8573e89d9ec535663d75f21b1f08109c","sha1":"a8d9eea0b157ceeffc38d4254e6f6abc9d697d10","sha256":"cb0c6c9f1771d252eee7caa043bdd7cfffbd52c2cc4b18b7be7c4554ed069151","sha512":"55d728fa1e0682725f94b17387c6790792d3d34b43652a00097876118575bd6cefa20916d80674519005d72f20ecbb745e9645516c056e6f9bb6691d5efbcb33","ssdeep":"192:9fdWSo7ktFUnoBelr6lw2LfnzuIQPlaJ1i10K+Ei/ISJhvHIheu5Ph3Ffam:vWS2ktFUnoIlD2LfnqIJimK+5/ISJhvu","tlshash":"6e224f58ed2478720acb54f0427f180f8239e278d84944ed3cc4e6ec59fd44a6a6fbb8","first_seen":"2023-08-16T00:37:19Z","last_seen":"2026-05-04T13:28:51.864657Z","times_seen":479,"resource_available":true,"data":null}},"time_used":615,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":615,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/common/getAllSetting","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"OPTIONS /api/common/getAllSetting HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:12 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0YwZtr07yZvrOVCr9N9rfOaJeYatNNBEZlx5nii8eXctkbbRvrLbWFPm0DApCS3ULP2yrCBGMP%2FUHQnz6ZyEwWtLl0IYWeNWy0Tnm%2FHNPd61yo5lF32OjkFBQ4dwlo%2BVD6TqqQ%3D%3D\"}]}\r\ncf-ray: 9f67d01ba9e656a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":546,"timings":{"blocked":65,"dns":14,"connect":1,"send":0,"wait":412,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-66d52477.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-66d52477.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-1236\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BA%2BhhYhVm%2BUHKOkLwkgeBIGPC%2F3%2BdNiNex7cfGklf6mib8YzxOlFob%2FiraqhR%2FlYnPhx8pLwUIIm5LKGwV3Ybw0k2RDOkpjoiqfIAWJTgpoEl5sd%2BOc8sH6n1ecl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01bad15568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4662,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4655)","md5":"efb3eb8b97e2aefe436f931b2f07f045","sha1":"a2d7f83e33bdb2d7691eaeed2dbd0ae24501dfb7","sha256":"06585c777303267974c08306e42c0c1ca5023716322b5071afba307261acec95","sha512":"a5cada7693c6534bf5d0470dce5556b45ca38cafd5312ac76dfcec6340d9124180c814c60142439fd047d2e9deb1bd1b480c907f07f16f245e29f099e0d76976","ssdeep":"96:H7IX0vfp9YqqD+wS2EzGMyy0b1ai6Ble3hvJTe3X9NthejA:bm0vf7YqqiwSfey0bYLGhvJaXfsA","tlshash":"a8a1c899f80286bbe9771440084c041021adbbfaf21548f2fbfead4a67b5979d354722","first_seen":"2026-02-24T15:46:17.896935Z","last_seen":"2026-05-04T13:28:51.858425Z","times_seen":7,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/common/getCoinList","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"POST /api/common/getCoinList HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LCDzno4Ck%2F0vwl670J%2F%2BvsPml83Rt%2BllVsyYQwZY1HuEo%2Be1wYJq5kYJQ1vtG6ewkvq%2BibuPgCeprK2x7xt7xXJBJoNwK%2FEEd4FpYC2w%2B7kZHDhC2SZN7o1r3IJoyYT2XPnhVg%3D%3D\"}]}\r\ncf-ray: 9f67d01e7c9856a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16599,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"82cc36416b0f0ba2f789445b0dae84e3","sha1":"4720566e9b09ba83ff6457d3728d849d822f764a","sha256":"77862ab069979e31de4046902c12d32326d4476f96dd7654403b93e4c8964db2","sha512":"b83277c260deb2e1ad88c317200d0623c5ae48a4784046b32f2f268fab3137b2977307ca98f726c2a01b512f63190323de5e96ab7227997659fd0a4c295f3fe6","ssdeep":"192:VX95LXqlOX/SeXMyWXS2XYMV0XAVXpKaSYguB3wXebwYKK7+gYfCICK5YnjZzG7v:2IkEgq+zD2DBn","tlshash":"10724352223885bdc47ed1d12eafbe05618d367fe8c6cd2ad6cd4d488dd4ab4290ef02","first_seen":"2026-04-23T15:57:14.332637Z","last_seen":"2026-05-04T13:28:51.876095Z","times_seen":4,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":421,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/common/type/defi_activity_type","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"OPTIONS /api/common/type/defi_activity_type HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tQsgi%2FytslkzgmLaPnSA2xxfs%2FYWikErvc1IpOYLwBFoXrb1HvbRLUEYkBfZANaTDaUV2BlOCmQuOg%2B6V4QsVtgz35SHY47V2B23hRwx4zM4SuM%2FVkiKIJR2HU7ZzSsTyEysTg%3D%3D\"}]}\r\ncf-ray: 9f67d022690356a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-43a475f0.css","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:09.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-43a475f0.css HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:10 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-4b949\"\r\nexpires: Tue, 05 May 2026 01:22:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4prtAL3OPwNVHuJaZ%2BTgX7K0IT1KemOhO0R8ZVvRzrg4Ildba0pETuAZGadTUIztxsthsy5z6TjRGQc%2FReNZu%2FWmTuP5pLqpc1rQGJqtFW4VRZ0FC2NrST%2Bo6mLL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d00b68a3568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":309577,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"5793bb3776d67d920541f02f79a42584","sha1":"fa7ae83f6a9273fabf70ba736911239f76277e4e","sha256":"43a475f08a224794154fa30ab45aa484941499145694e6aeaaadfc406a1e0a6c","sha512":"707797378add5f00a9877ac877e1bd91eff1e4cd82b4781602838ca7a6f984af190109f12b4c32c68c7cccb3acfbb1b360abe19374b19a6326f7c7328b87ce70","ssdeep":"6144:nevxsalDWVEkZ8w71ZACkFDS3vyf58rBeV05TA:ev10VdZ8w71ZACkFDS3vyf58rBeV05TA","tlshash":"c464d6a9a590117c6f27aa759bce5ad8f23ce6719c118de8f20160094fc3ff92363617","first_seen":"2026-02-24T15:46:17.965813Z","last_seen":"2026-05-04T13:28:51.882177Z","times_seen":7,"resource_available":false,"data":null}},"time_used":997,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":801,"receive":196,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88807ff7f624bb45c292dde542b8cf0fa5.png","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88807ff7f624bb45c292dde542b8cf0fa5.png HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4316\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D875378B0F98277EDB8\r\nAccept-Ranges: bytes\r\nETag: \"F4E847F3DB386A95A9CF0DDAA4C5AA1A\"\r\nLast-Modified: Sun, 14 Sep 2025 01:18:21 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 8384763916058538840\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 9OhH89s4apWpzw3apMWqGg==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4316,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"f4e847f3db386a95a9cf0ddaa4c5aa1a","sha1":"a0dc179abd173b438ca12ebc37d066a3831c2775","sha256":"f84eb89fb412b186366ed45864ac08b54b02f142e30ccd018885dc3d9e7bb95f","sha512":"4d3bb9c7ec61d4aaad9b3b76dfad3d56be0d3ca2ce88f7464d0e9dc143537bf34b6357e8d9ce127f6adf30b9d0b2f82e3da1c39aeb043cb22dc634b93b66819c","ssdeep":"96:7qL6E7QE68zDSC2qejpUDXuJtIHpx8Oe7CWeFzcX8TqZqUF:PEiLiTuJtIJx8OdFQX8ux","tlshash":"3a917da1b20519722ffd06aaa56fc7354f97f14d22086909bfbde180f72d09e624126e","first_seen":"2025-06-03T16:32:00.332445Z","last_seen":"2026-05-04T13:28:51.887184Z","times_seen":12,"resource_available":false,"data":null}},"time_used":3614,"timings":{"blocked":1710,"dns":1574,"connect":20,"send":0,"wait":194,"receive":0,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-9b2b8034.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:09.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-9b2b8034.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:10 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-190fe\"\r\nexpires: Tue, 05 May 2026 01:22:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L7Vozd53HktaTpV83WHT%2F9AjldE%2BY4A6T0Zv9shrU9sSL4RPRy9UBdUenbnodguJmIIUw3gmHUaMFI3gi84QTLzpTzPrNrzFuPF9c5bk2XrS6sAvBHEvj9ZerRJk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d00b689e568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102654,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65526), with no line terminators","md5":"b5f8fdf072fe43180ddffbc308015d2e","sha1":"e96648c196c95ae03b959c782f346530afded297","sha256":"f36783879e54a01b666750ae86823d603967fcfda33e5c95caadde850555426a","sha512":"a476fdba2b180eed103b754f6b93df58c14b2660354949eacdb2695c251b40de0bd57ea3f2e5b0742da8395bdb891e48c3dccaa249cac0c772c3254725884b7d","ssdeep":"1536:i3u5Gko+sgdK9HhCIUqfQgKje/QUS0tXmwt/p6V:Gpko+QBUqfQgKje/KOA","tlshash":"e6a36c8e950b0eff5dfd0854b94b995021790fc3988ccc97b37a6e0a37fac94625a718","first_seen":"2026-02-24T15:46:17.905976Z","last_seen":"2026-05-04T13:28:51.862076Z","times_seen":7,"resource_available":true,"data":null}},"time_used":807,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":807,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/platform/dev/config.js?1777900932344","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /platform/dev/config.js?1777900932344 HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:12 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2H6gPaTc03cu6LSfx6cU7wbeTmpnHdHXlYYxWn2Mr8M9RfPGofwMcq9%2FihbowAVgqfDyyKNpGkW50yBwzS%2BzvAMsaWqOhRko925iGZ%2BbZ2KazkDQQFkRqZRpOIja\"}]}\r\netag: W/\"69339390-215\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d01b3c87568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":533,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"b11646929c5a494ed4b84febde4b3fa2","sha1":"d72b6d07c7365009a8d302b90028d7b1f1b7b796","sha256":"0800cf37279fc1174c9092d0cf762ae06f9375eee4c7cf90b59e4f1ca022060d","sha512":"273414c46d45fd304691b776754e98819dc71de6a6797aaf1adfd06dcb97f3680b86607c112d664350a2a6e80e1770769c4407718f803b02103fb991c13db93b","ssdeep":"","tlshash":"b1f02bd225e45844e3351a7651e87d1ca2807326c4e6023674b44c690fb9e364524976","first_seen":"2026-02-24T15:46:17.900979Z","last_seen":"2026-05-04T13:28:51.883121Z","times_seen":7,"resource_available":false,"data":null}},"time_used":627,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":627,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-bc011be9.css","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-bc011be9.css HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5ui2%2FCRWseNEn9A7xyr6qDx0Qco16jFOmUpHGjs4vhnT%2Brn8uR0nRUH8BFEHh8JSNxq8LSUUSALAE9mKHQjEpRHn2tx6wqr1Akx6ePYJczRrN30TbNVdgD5tBQ6c\"}]}\r\netag: W/\"693393e4-18d\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d01b9cf5568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":397,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (396)","md5":"5353ff252ee4a5e7a3d0176de6a6c712","sha1":"c83942b5dfdb4aa8be53f26b39e53b0b257595e0","sha256":"bc011be90fd6cd33a399912151a5f69ba0d8e394563c71c4c1bea7a4ec032516","sha512":"9a17506817918ef0c9a5d0caebaed8f603641dc1015a726bdf247645a7e0a988b543756d7254abafa18dd4cd9d27c9a198300632156faf59f05c1e27f0a5e30a","ssdeep":"","tlshash":"5ae092c890d6927fb62b607d267c931ad425ac88d8007bb8e67fabb146c7ac53172215","first_seen":"2024-01-05T03:21:29Z","last_seen":"2026-05-04T13:34:50.782928Z","times_seen":657,"resource_available":false,"data":null}},"time_used":619,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":613,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-66d52477.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-66d52477.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-1236\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ND9uxsOmkUrqPCmVBGEmnvk7vrii6DYph%2BVVnGGKgPsaJBR%2BtN1xDkD%2BX7Q90tIM2OAuY7GA9WY1KBefIuLeb8bq5t8A%2FxRaMp9zvWXYRa1zMYaDgttPBVXP%2BjcL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01fea0a568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4662,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, Unicode text, UTF-8 text, with very long lines (4655)","md5":"efb3eb8b97e2aefe436f931b2f07f045","sha1":"a2d7f83e33bdb2d7691eaeed2dbd0ae24501dfb7","sha256":"06585c777303267974c08306e42c0c1ca5023716322b5071afba307261acec95","sha512":"a5cada7693c6534bf5d0470dce5556b45ca38cafd5312ac76dfcec6340d9124180c814c60142439fd047d2e9deb1bd1b480c907f07f16f245e29f099e0d76976","ssdeep":"96:H7IX0vfp9YqqD+wS2EzGMyy0b1ai6Ble3hvJTe3X9NthejA:bm0vf7YqqiwSfey0bYLGhvJaXfsA","tlshash":"a8a1c899f80286bbe9771440084c041021adbbfaf21548f2fbfead4a67b5979d354722","first_seen":"2026-02-24T15:46:17.896935Z","last_seen":"2026-05-04T13:28:51.858425Z","times_seen":7,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo8840560a278db2490a9ee49b6bd8ce9a4a.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo8840560a278db2490a9ee49b6bd8ce9a4a.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6606\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D885943078139B911DF\r\nAccept-Ranges: bytes\r\nETag: \"C62BF3DBBB27F171A4890199B18B7C18\"\r\nLast-Modified: Sat, 16 Aug 2025 09:32:25 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14754154671070119556\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: xivz27sn8XGkiQGZsYt8GA==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6606,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"c62bf3dbbb27f171a4890199b18b7c18","sha1":"36a0d37376ef223a885d23bb58ae97e7892e4d14","sha256":"99f8521b04fe4313c75e28f7141d26740b6b71391978067471de02fbb712715f","sha512":"5b03bf16578412ed13ead20547785ec01cc3d65ccafda747d9eb6e4f960c56dfd4fc48028d3eea92babef2c1d2fe79ce1a77a8062b7798f1aafa6345a3d2ff8b","ssdeep":"96:5T2Rh4VD4e4kk53p+/AWAdx8gKbm2SDQwTLbMi5VIWaeADwboFXnwp/ZX+OHQMbw:28XkniRWxibEMGhboF3wFZOOwlEQ","tlshash":"2cd19d438b4109a41e6b53d2a364dea32ef2a200c8d09c5abbe7fef4d41209546c36f0","first_seen":"2026-02-24T15:46:17.9369Z","last_seen":"2026-05-04T13:28:51.836258Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2683,"timings":{"blocked":2458,"dns":0,"connect":0,"send":0,"wait":224,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/currencyItem-00ae23e7.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/currencyItem-00ae23e7.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-4b6\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Si0ZGcsIvYADTB7YU%2BsOmAyvbQh6y6XDW4VW004teswOlKFcKSJKzG6eYem7BPi8D%2B0EfJaysxAMLp2dXGQJBlAvpMoKPLD%2BfeE%2Fxh6pCSfaGE3e7%2Ft4CRr7ywC4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01bad19568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1205)","md5":"4b43741506c9373afc25ec43fe336257","sha1":"cb030fffa1a13483109ad3094c90c31c3ac2d302","sha256":"739e5f1d3c5442e74cbb7b79ec582a56c7ad6bbaa86477f71db070dfa45ee32b","sha512":"fdf5c1a6a62a8b5d21cca686c4c5dd3ab11463d7d124fedb5db26ea53d68e068d66e2d638539fe3fe790cdc372147ebf9071e147631bd8f704c47c6af94f588f","ssdeep":"","tlshash":"ae21cd9aa912c7b1cbbe906285bd5414131d7bda700185c1efed148a37865fcd728a31","first_seen":"2026-02-24T15:46:17.907879Z","last_seen":"2026-05-04T13:28:51.833668Z","times_seen":7,"resource_available":true,"data":null}},"time_used":639,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":636,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo884c05c0026d7345288f7d20b444a8b03f.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo884c05c0026d7345288f7d20b444a8b03f.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3102\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D8713F9D45280B37532\r\nAccept-Ranges: bytes\r\nETag: \"226AA5FDFD5255FBA487E38173B7055C\"\r\nLast-Modified: Sat, 16 Aug 2025 09:34:14 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6716149215243198370\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: Imql/f1SVfukh+OBc7cFXA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3102,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"226aa5fdfd5255fba487e38173b7055c","sha1":"392624860534d8ad57539d75fcfd369c17d576b2","sha256":"c36462aa99f7dff305dc54e86e769f6ce90453c6b418e340dd34e0bd55d64e68","sha512":"9d65e6b7daeca24f9fc79e18574a685c919ab7d3ce178ca99210a7d729b03141eff1cb1a96015aa431e66362d4f5ad07b1d551cbd004bdc9641dfde6d88c4c65","ssdeep":"","tlshash":"e1513dea833a4737730d6332a45116fdd27c38644d85621fc2f0d217b627d911e598ee","first_seen":"2026-02-24T15:46:17.89854Z","last_seen":"2026-05-04T13:28:51.854714Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2097,"timings":{"blocked":1878,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/resource/svg/light/zu447.svg?2.0.1764987877129","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /resource/svg/light/zu447.svg?2.0.1764987877129 HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:14 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iEyehgfOnXH7AiWqfGRTUzEV966d7cChOOEloodIGfMRkT076ikT9OdSzxGrO%2BDtND9an9efZCIf3gthZ8OkAYZdGMJh1BGzRERTTTE1G5D2g5BbV9ic9jmHOD4B\"}]}\r\netag: W/\"69339392-1a4\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d021ccd4568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":420,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"23b51e86174e8f6920f0afedc42bb423","sha1":"cdd01b04898627077aff5bfcfe4c8d1729d89397","sha256":"3a30987fe9e27f43c0c43f5aea739a13a599a6f633131b6f042f039f15de83e7","sha512":"4c3eae2304dc9d458aac7064d93cfc502fca1543b29bd5490adb51fb806dd0596a2c854b560f605d99a78243e8cd1fe60cbd6b09b663594d4333beda3820533c","ssdeep":"","tlshash":"fee05c16cc15100e51010e95c3d11f68a47ff183c2a508aefbe0127b4ab5c0a6cbc32a","first_seen":"2024-08-19T15:53:11.170684Z","last_seen":"2026-05-04T13:28:51.876827Z","times_seen":372,"resource_available":false,"data":null}},"time_used":683,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":682,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88765135f024f94bb5bd1874c2e417970e.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88765135f024f94bb5bd1874c2e417970e.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4061\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87BE2E677391C2AABB\r\nAccept-Ranges: bytes\r\nETag: \"0CBC1467260AAF10D742AB4ADAB011C0\"\r\nLast-Modified: Sat, 16 Aug 2025 09:32:11 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13946561901315639168\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: DLwUZyYKrxDXQqtK2rARwA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4061,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"0cbc1467260aaf10d742ab4adab011c0","sha1":"c65d5ba12edc0f4388c6068bd7d93a8398404f3c","sha256":"c671e69b957419edac0540d737f67f0a50df88c5f645ad51cf6e1f60a687f430","sha512":"bfc2457de0868d2299accf0b62983b2654470d951f7209527a7cf2309bc5abe218af0cc032c34194fb11cd3fd212ddcde2c4a4dd7b2cda573da26e4ed571dcdc","ssdeep":"","tlshash":"fb817d12400da4c9c1368efae8a475247278fcbf5681bbd4e52c14fc8142dfa816138f","first_seen":"2026-02-24T15:46:17.920728Z","last_seen":"2026-05-04T13:28:51.843531Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2470,"timings":{"blocked":2250,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88916e8e57952946d9b6fff88c9a1b9dd3.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88916e8e57952946d9b6fff88c9a1b9dd3.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 3569\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87304E2ECEA790FE64\r\nAccept-Ranges: bytes\r\nETag: \"E0B2018E76D909C33D658E5BFAF086FA\"\r\nLast-Modified: Sat, 16 Aug 2025 09:33:24 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2075461851477057207\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4LIBjnbZCcM9ZY5b+vCG+g==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":3569,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"e0b2018e76d909c33d658e5bfaf086fa","sha1":"337829c7a2200dd4d67e9e3842516e6b991b7240","sha256":"b97c1a7ebd3e093eeaf1e6711f788dcb4ffe4e8d530df2d46d61d13910bb9ede","sha512":"829422500eb2101c0cb594584df599d967c52a26ef09f1f1905cf181aea141123fad6a5ed05a8b9855b43c8946bb4d44efce8201daff9aedb780419862ca968e","ssdeep":"","tlshash":"5f714dfb5fa869e89a110d34d7861244df3d3de44f140d6af992ed504a6de6024835ca","first_seen":"2026-02-24T15:46:17.921743Z","last_seen":"2026-05-04T13:28:51.848019Z","times_seen":7,"resource_available":false,"data":null}},"time_used":3543,"timings":{"blocked":1671,"dns":1542,"connect":22,"send":0,"wait":193,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com//echo8885a4ae926385462bad9fe050ee8c044b.jfif?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET //echo8885a4ae926385462bad9fe050ee8c044b.jfif?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6759\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87CC39EA3F32B2E434\r\nAccept-Ranges: bytes\r\nETag: \"83F994BCEE7EB03751174D941230177F\"\r\nLast-Modified: Mon, 25 Aug 2025 02:14:14 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 10360030942737299293\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: g/mUvO5+sDdRF02UEjAXfw==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6759,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"83f994bcee7eb03751174d941230177f","sha1":"4d0f0e89672d41cf2ffe9a2a8bc60b5d796363c0","sha256":"da7256b1c04dd0fd2376cdbe0e16b34bec33d896aca6c8255cfde2d820ffaae5","sha512":"934a4729b1323364a965ce1026c6ac34157988b2dc4648409642473af168f47d4341670a1b0efcc5b697ef50b621fc5d803b04df7c892f8e2c4c1c3907605cee","ssdeep":"96:OC678fYv/BwpheGHv+2Qe8l8crAVzH+iqxDaeSECf5b8nOswxIuDsVvBlZu5tIIS:5fu/BwphDFpeiWD5UbwuMqKIS4e1","tlshash":"8dd1af7fd34e2b0e2a8029050571572cb2c97c7b839e67c80a23429fe62dd5b904f768","first_seen":"2026-02-24T15:46:17.909587Z","last_seen":"2026-05-04T13:28:51.877572Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2091,"timings":{"blocked":1844,"dns":0,"connect":0,"send":0,"wait":246,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com//echo884be857d20aae4d14ab1523bfd7ca1264.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET //echo884be857d20aae4d14ab1523bfd7ca1264.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4902\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87304E2ECEA790FEDE\r\nAccept-Ranges: bytes\r\nETag: \"A5450BA864392D981A9E489815F4F9C6\"\r\nLast-Modified: Sat, 16 Aug 2025 09:35:02 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17534517649868137701\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: pUULqGQ5LZgankiYFfT5xg==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4902,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"a5450ba864392d981a9e489815f4f9c6","sha1":"7bbda1047972ca2052cf0cd9b45c52a5f870fada","sha256":"4a705a5391c121c22c863b224c73d3c5651b288753710f9d4c4331fdec6dbf5d","sha512":"fa80a2c41ab371ad092aad5ce3ed6a29675c5455662eed799be390ea670627c485a4f0d6ea3929df5abc6bdd3554e8c525dab9463fa87c4b52842e37088aa148","ssdeep":"96:7SpnVfws7kYOD8J42F+RJS6L1xt8yzc0chLuzCcdHnFldfsH5fmqphd3:7SpVYGOL4qJrnW8cjqlH9EZe+hd3","tlshash":"e8a1afbb484df4b7c9761dc97098485b3586e211202197557dcfbd3462af1e4a323563","first_seen":"2026-02-24T15:46:17.942421Z","last_seen":"2026-05-04T13:28:51.881116Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2090,"timings":{"blocked":1868,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T13:22:08.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:09 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 10:24:42 GMT\r\nvary: Accept-Encoding\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=11,cfOrigin;dur=617\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jQSes7vLjHyCi8PY9WBZeTuEFUNBRbXCKCivdubE5kTTw%2BSzfF8D7DO%2B9LOxBCB26Pf43LuQipbE0%2BpkUP9dDQauK71ifpKLg5BeixiGu71qWRFat64dOy8UzUuD\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d006282156ab-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6048,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1159)","md5":"7965dba5a04b64ecccc95d4ec8f263f8","sha1":"6d85b21a2b30ba54f0b5e6c7b499257a8a74c675","sha256":"aef5ab739c3760d01c840d87ecddaed0341721bd35789192bc40bb6213127260","sha512":"0cf7494031d89ff52296ec038efc3b3d338cd444555e3acc808f3a81784b051fde7ad6caa7dd31120b1aac84ce12b3f75c4f92add3ad49d6800864cade2cf997","ssdeep":"96:Tr826i5yKuc67RSYI7Tt/P4r6TCZydHRH/gU2mUsGKAiowGpuB1niH2iHGH/PLto:TFTL67AbOZCxfx2nfD3bpuB1niWimfjO","tlshash":"2cc195b36cb4c82a1391052feae2f1085f211193c5298c5871cca0ec4fd4fe588dbb75","first_seen":"2026-05-04T13:22:42.157806Z","last_seen":"2026-05-04T13:28:51.874818Z","times_seen":2,"resource_available":true,"data":null}},"time_used":715,"timings":{"blocked":37,"dns":23,"connect":1,"send":0,"wait":635,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/vendor-4eab0164.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:10.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/vendor-4eab0164.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:11 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-dde6c\"\r\nexpires: Tue, 05 May 2026 01:22:11 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BJ7Z%2Bn9VNVFNsZNzSlO102SD%2B7JWdZ14SCzGxSLhDC%2B%2Fwi3zhj69rbBtcrzfbWuuoiHszxfQ2uS%2FryB0NGY4ZYDEscgwrgdVleCKQUqj%2B4hqyNI7wRUzbWP%2BwQE4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d010bfbe568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":908908,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2872601a5118aeb6c6f49a5c5910d0c2","sha1":"4c94bcaf275034f208fe706f85335be427afa537","sha256":"b6758cdec9c83aae31d1437a0cb012e8367c55fde26ea2ebcf0ea6d7c64ddd77","sha512":"2f3bff4c24f64bae571ea490992734b7b7d76eba4efe396dbe49ead33e4e0f85ae611bb0cfb3d265a0243539a3bc1378432157d8ebffd4c5bbf0e9805f4ff5e9","ssdeep":"12288:+x7TNZ0226XGoWUe5DH/vIwI1icLmOj6l+I5lvSGiZIKWZAcPyw+ba2Xp:y7TN8ifTe5vIwIQcLm+nrIKWZAK2a25","tlshash":"d9153ac97692f06147ab24e240bb0006f3396e59740e8494f16dd8eb7d69d89e2b7f3c","first_seen":"2026-02-24T15:46:17.913048Z","last_seen":"2026-05-04T13:28:51.849708Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1453,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":837,"receive":616,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-56c8c855.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-56c8c855.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cS5Ghnr1noWDDBLGW5bTR%2BJdF0sVqBwTIQu2ToCp2LursR1x2xUkQUN1nblMLKHuWc2XE5FEm2r9ZZt3qru2QCxlxzDdOZAdDh9wivB7SSwktDBlUE4GzaDqZNpx\"}]}\r\netag: W/\"693393e4-308\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d01bad17568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (775)","md5":"03dfb7f83954b8563469a9259e4a6a02","sha1":"1dae5be362855ad7059f9ccdafdc0a549e3bf940","sha256":"1bdbd58741b25990771c4dafc4b429f57f86d52a2e2851ab5279731ecd22b695","sha512":"28e59cc300c6f9a337e5ca09f7d0c84ab5cfba08a4403ac84035c6a8698b6a62dbe9a38d36d8c9a878480b978dd355ace44cd861a86090c7d0d7d9b694999070","ssdeep":"","tlshash":"4801fdf9fc0d8ebb0fa20a4001903600140a1fddfa1419e198877d661be4940d7ce32d","first_seen":"2026-02-24T15:46:17.93483Z","last_seen":"2026-05-04T13:28:51.865249Z","times_seen":7,"resource_available":true,"data":null}},"time_used":617,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":614,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/cdn-cgi/rum?","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 632\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=15552000; preload\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qty6WOwAiD5j%2FnW8BYd0wo0eHfZBnvdYzH61xeTYM68DqHwVsOjOOmkXDCWtmvEKTVLo3tDYcWtVqvlodUn3SpYw2XiDoATN%2BuqbJNJAGxyaO8o%2FXQmYTsn65Cc8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9f67d0207ab9568f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/common/type/defi_activity_type","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"POST /api/common/type/defi_activity_type HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:22:14 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wE8R0bCx4zsGEUxgtijfFrQJgOnq92GNUnS4CQnVQRu%2FkH7jVRQEyKIBH1QZ%2BI0Nm1NeVtlj%2BTstXBUaNMBq8ahZfachMRPXU3a91diYj1r9ZFX1zpvcRvhsTZc7t%2F0H7G73ig%3D%3D\"}]}\r\ncf-ray: 9f67d0252b9c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":635,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7a423e3451e474878191a0a7f1d323b9","sha1":"13312f533f380295131f6a1540f425d0c98a16ba","sha256":"49c938e0bb3a834cab9319575489cf6c1694cace3f1ceb9671570024328e2a35","sha512":"0522e47fc06c4329cee21e354b264c90ae4b0725941d75cf63af54bee4a307fbe91e7078a412bd9750f3856657159ffe5efff139a652ec0443368f7c146bfdbf","ssdeep":"","tlshash":"5af028143d3dcebf098f65e745ec7818399c152794a0fca058ab0f3c5ae4171088921c","first_seen":"2025-04-07T11:28:26.961944Z","last_seen":"2026-05-04T13:32:42.314391Z","times_seen":623,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:09.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Apr 2026 18:57:25 GMT","end":"Thu, 16 Jul 2026 19:57:22 GMT"},"fingerprint":{"sha1":"AB:25:45:8F:55:B6:2B:26:B5:B1:EF:90:E0:60:64:9C:56:47:0F:B5","sha256":"47:83:31:CC:5E:02:0E:51:A7:52:AC:83:1B:8A:A8:4C:74:11:A5:F1:61:8D:C5:6D:29:3C:9D:6A:C9:29:AF:7F"}}},"request":{"raw":"GET /beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:09 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2026.2.0\"\r\nlast-modified: Thu, 19 Feb 2026 17:45:24 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9f67d00b8d135a0f-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31169,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31169), with no line terminators","md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-05-04T17:06:13.118526Z","times_seen":61300,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":8,"dns":1,"connect":1,"send":0,"wait":8,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-b9c1a9df.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-b9c1a9df.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-3694\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FJU%2FJSyMrfzpa5GO919Bk7RcWrIfr2ZWMugRiMv%2FCaEIwr9QhPNC9wN%2FGAnjQorLu6RmzDwhqFfUgeWloDUZbQw6KcJfuCQthx%2BT%2BYyzgOIL1nTaSovLkvseXBYK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01bad12568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13972,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (13971)","md5":"77cb84b4ed4bb747f8ff6a42d23bcbc7","sha1":"615eda0ae92fdfad9fedcc4da89a39a75a6331be","sha256":"915f9bddc9612d0a749a608d92a37487f430a9937b73787893d05d4130841d84","sha512":"149196ab6e3233abbbc305937bc71628ad533bd1cb2d9b142d02fb0f600cb14a27f0800f43e6db913bb7a7fb71704bc61105133db801d77c40d7f29190062b45","ssdeep":"384:O2zEntAhRxSJUFAFtAfU2ws0K8+YjFuv6kdqHbhdGrPCRJSD:Rs5SWtAfUrH84hdGrPCjA","tlshash":"e152c762f9029a3cf5fbe05140880050b66a7ffb401989a6b9bc6d4f3356eb8f75d718","first_seen":"2026-02-24T15:46:17.919581Z","last_seen":"2026-05-04T13:28:51.853104Z","times_seen":7,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":590,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/resource/svg/light/mengbanzu13.svg?2.0.1764987877129","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /resource/svg/light/mengbanzu13.svg?2.0.1764987877129 HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:14 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69339392-4b2\"\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wpGoLH90xP9%2FmY3NrnUJmMTPUFy2mbkM1dsWxsZxEF9f1ek5lHarJG8f66rTayCPVhtfnksIyp0ahpr1ZFEs11Mi8Y8L108wUyXH2W6zRoq5ixOKlFFEm%2BICPF5D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d021ccc1568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1202,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2d850b982245ca50f3a2e230e0b1398d","sha1":"283d9ec8c786aa91786d80ba54164723bb6699b4","sha256":"852697a3439e4c3cb0d426221c5b3a345e333b69bd39ff63f731fe02a1a04826","sha512":"2884fe7d0dbc512dbc44a091be6f35bf6f66cb15c8ca1f763c60896d101df4b196c29ec631e040cc8116edc43dfdcf63b48c4a9c1b0c420940f32d960ec7a710","ssdeep":"","tlshash":"072144b9c510128a62814f8cdbd82b06623ef167f3f54d9db39016b20d78d9f11bca21","first_seen":"2024-12-28T13:26:38.912526Z","last_seen":"2026-05-04T13:28:51.863419Z","times_seen":305,"resource_available":false,"data":null}},"time_used":641,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":640,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com//echo88c347ca2903984f2181c4060fccfc1217.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET //echo88c347ca2903984f2181c4060fccfc1217.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2089\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D8740D002585B8F8C66\r\nAccept-Ranges: bytes\r\nETag: \"92C55399C4F1646E247F854485AFD21D\"\r\nLast-Modified: Sat, 16 Aug 2025 09:36:11 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 637294846358804236\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ksVTmcTxZG4kf4VEha/SHQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2089,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"92c55399c4f1646e247f854485afd21d","sha1":"1441888bf9aa8b71de0712c81519c6075699aa96","sha256":"1fa4175ce4e21e8b38198ab1805093ecbfb660cc72e799ee6b80e944f9c3af21","sha512":"82587d43d306e660c82001d4d232274230becf8a219e934d2b5f59f535fb348aa9a089664806badd1a3a076c843a510aacd45985f93bba803d821983b625d3ff","ssdeep":"","tlshash":"4e413c81657bf1ee93c86847a145e2f91b11120ebf252b0c6967aec226bf07b2401a81","first_seen":"2025-11-27T10:14:09.07391Z","last_seen":"2026-05-04T13:28:51.868719Z","times_seen":10,"resource_available":false,"data":null}},"time_used":2256,"timings":{"blocked":2035,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88d894a584c5cb4d70a1120a08679228c8.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88d894a584c5cb4d70a1120a08679228c8.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 4061\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D88CC39EA3F32B2E53E\r\nAccept-Ranges: bytes\r\nETag: \"0CBC1467260AAF10D742AB4ADAB011C0\"\r\nLast-Modified: Sat, 16 Aug 2025 09:32:13 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 13946561901315639168\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: DLwUZyYKrxDXQqtK2rARwA==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":4061,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"0cbc1467260aaf10d742ab4adab011c0","sha1":"c65d5ba12edc0f4388c6068bd7d93a8398404f3c","sha256":"c671e69b957419edac0540d737f67f0a50df88c5f645ad51cf6e1f60a687f430","sha512":"bfc2457de0868d2299accf0b62983b2654470d951f7209527a7cf2309bc5abe218af0cc032c34194fb11cd3fd212ddcde2c4a4dd7b2cda573da26e4ed571dcdc","ssdeep":"","tlshash":"fb817d12400da4c9c1368efae8a475247278fcbf5681bbd4e52c14fc8142dfa816138f","first_seen":"2026-02-24T15:46:17.920728Z","last_seen":"2026-05-04T13:28:51.843531Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2712,"timings":{"blocked":2459,"dns":0,"connect":0,"send":0,"wait":252,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"POST /api/notice/list?key=ACTIVITY_NOTICE\u0026modelKey=HOME_ACTIVITY HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KOHjA6ip%2FWuhvlZu2yytOC%2F4mLwW2cjzl1g2KBnWXZQbpOR%2Fr9%2FyZhVOjCKkwmApZHh39DlzNx90tzvQ2iAEV72JSqE9CylzR1NR06nZ%2F8jYXA%2FoGKpe36LQKHxeSPClUqe%2BpQ%3D%3D\"}]}\r\ncf-ray: 9f67d023bb94568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":554,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4ec288d9cfecdb39c6c2f3bcf3c83ce6","sha1":"854a651838a2d876a84816bd4eb7ffcfa67a2ffb","sha256":"edd9ee54a481280a68b28abfbded60aaf5bef2daa3c3a54d338545a97d8c9ede","sha512":"a61f8a6e827d2135e68a63f9df0bc8957f9c5cb1307e05366fc6284cae0c40c147fb8150b2e1879c4e1a9a718dd248ff2384a89738a92cf2378dd90097cec064","ssdeep":"","tlshash":"c6f0240e26789e69090948d764c9bdcda25f2a53d260cdb09aaacf2885f55bb1b0a904","first_seen":"2026-02-24T15:46:17.962603Z","last_seen":"2026-05-04T13:28:51.845305Z","times_seen":7,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-2f4644ae.css","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-2f4644ae.css HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-a01\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EmXJawB5xJXrvMlGEgZIAPV1WXcZnoD9bW8Xs1BV6JwRHFTZwIfcE3T1HxNkfUELLn6JAbJqvC1tSckNBQ%2BglY9c6L1jlOq8ZT6bu6fGnsOtUtKTH0pCKTBu2IqI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01b9cf9568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2561,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2560)","md5":"45baacfdd2499066688f7ffc7225c372","sha1":"46551e76bfa93f50857a6b0f53d1f117d2adf0fe","sha256":"2f4644ae09e7b5a53ec8996547eb607ac21976285369b68da4ccc2c49fba346c","sha512":"edb7742f23bacfab32449c041654cb2e47b50fb18da2e9a33a7e736fbc02745db06ecb8b913c3c5b0f3defa871da7bc5e89bf3c9d7457be31f4595c0be470eda","ssdeep":"","tlshash":"c4511e4cfe9915345c7be98fbe5c6e488000be93e54aed85f007d70649cfae3276065a","first_seen":"2024-08-19T15:53:11.157245Z","last_seen":"2026-05-04T13:28:51.83092Z","times_seen":51,"resource_available":false,"data":null}},"time_used":646,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":644,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/resource/fonts/Arial.ttf","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:10.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /resource/fonts/Arial.ttf HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gstwjy.com/assets/index-43a475f0.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:11 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 1047012\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:12 GMT\r\netag: \"69339390-ff9e4\"\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MiqTPgI7GRj49G%2BNJrnEr8s%2FYPA6IONDNvUR2kGugBkPK9aFUHdBl3Ov67a8PzvjP1M%2FUh7cbW6UR85kZPXB8FEUyc58xJY5bUxbRZ9iW5EIDQ41aIRDpdbDd8wF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01249a7568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1047012,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, digitally signed, 25 tables, 1st \"DSIG\", 58 names, Unicode, � 2017 The Monotype Corporation. All Rights Reserved. ","md5":"ffe66dbfc4b07f36ef38dd621ad2c7cc","sha1":"e032b102cfc37c3226d17e1b462edea5fbf8fe1c","sha256":"c1216a01b3cc4e94df72577a6f618154058a1d8999ed58fa31ab7e54c7e4be4b","sha512":"3c7952b71c8117938c5284efca0e0b3e8c20d7b84c74a4890f76a72af3b26295786b0f7c33d9b6c980527b4c4c8dad628d1f5e7e5f202d11076367f082349bb3","ssdeep":"24576:NoQIQRjo/Y7wjgTmKJ4WxA7EAD4OBfDamXKE6AMra:NHIQJo/Y7wjgTm0PxAwJHE6hG","tlshash":"f125be0bf3929f0fe3902b38c9a5d761939b76189b2743b73d8c5858ecc85a45e487d2","first_seen":"2023-07-29T15:16:45Z","last_seen":"2026-05-04T13:34:50.778961Z","times_seen":1240,"resource_available":false,"data":null}},"time_used":1836,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":816,"receive":1020,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com//echo887cb39cf9d5334b15b81c6e2632c60bdf.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET //echo887cb39cf9d5334b15b81c6e2632c60bdf.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6319\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87CD39720C82B62ADE\r\nAccept-Ranges: bytes\r\nETag: \"7C24759A03E339290FECD66F92283E71\"\r\nLast-Modified: Sat, 16 Aug 2025 09:36:29 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 12958436293351405485\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: fCR1mgPjOSkP7NZvkig+cQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6319,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"7c24759a03e339290fecd66f92283e71","sha1":"0fa09dc070a8370f3f3e8795a9c06058e67bc7b4","sha256":"809c63e057d57da08bba8037685c55cc7db6837c2fd4b3565d67517a36e8ce8c","sha512":"0ec2ae2b134aeb8746054502488c49269361825cfe896c80bcfe2480ac13fbe5f458c39b94f85a9d86ed040a02cb66d276d4d64fbf5c161d921a153b6615a0f6","ssdeep":"192:hzwjYCcjyQLLSGOeBcRplvU5GdlcHCWmKZDa:hzsYCfQf6eBcRbtPcHCWmKZ2","tlshash":"b7d1afc1e42bac082c3ad6608837668ae42d0a0d7535491277b01eeb8785ccf75c7d83","first_seen":"2026-02-24T15:46:17.955099Z","last_seen":"2026-05-04T13:28:51.869476Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2321,"timings":{"blocked":2070,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo880475f5fd6976496c8a170da57ebe00a6.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo880475f5fd6976496c8a170da57ebe00a6.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 6606\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87048FEFBEEBA62030\r\nAccept-Ranges: bytes\r\nETag: \"C62BF3DBBB27F171A4890199B18B7C18\"\r\nLast-Modified: Sat, 16 Aug 2025 09:32:22 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14754154671070119556\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: xivz27sn8XGkiQGZsYt8GA==\r\nx-oss-server-time: 1\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":6606,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"c62bf3dbbb27f171a4890199b18b7c18","sha1":"36a0d37376ef223a885d23bb58ae97e7892e4d14","sha256":"99f8521b04fe4313c75e28f7141d26740b6b71391978067471de02fbb712715f","sha512":"5b03bf16578412ed13ead20547785ec01cc3d65ccafda747d9eb6e4f960c56dfd4fc48028d3eea92babef2c1d2fe79ce1a77a8062b7798f1aafa6345a3d2ff8b","ssdeep":"96:5T2Rh4VD4e4kk53p+/AWAdx8gKbm2SDQwTLbMi5VIWaeADwboFXnwp/ZX+OHQMbw:28XkniRWxibEMGhboF3wFZOOwlEQ","tlshash":"2cd19d438b4109a41e6b53d2a364dea32ef2a200c8d09c5abbe7fef4d41209546c36f0","first_seen":"2026-02-24T15:46:17.9369Z","last_seen":"2026-05-04T13:28:51.836258Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2447,"timings":{"blocked":2254,"dns":0,"connect":0,"send":0,"wait":192,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/vendor-8c267198.css","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:09.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/vendor-8c267198.css HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:10 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-16c1e\"\r\nexpires: Tue, 05 May 2026 01:22:10 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n7G4yA4Rux2EBqwSc4o7qiWgHeyIFH4%2FYEB4aAlD2lC%2FuW%2FzpH3xs3h5wA1Ufadp4dycdojw7cY7akgUsOI5AlCZ%2BzVs2Y43HwJ%2FbjVb0CLBzurK0SEtDL9n%2FeV5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d00b68a0568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93214,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"509f1a66e8ad59bd27f081062f603f10","sha1":"323e5b51ac955ca843a2669bcee4ba00cde496c8","sha256":"8c267198fe044786df26943e5e5a048895118d991e8da41a16605df914fbcca4","sha512":"ce9dcd5836d4aa80a321213612d6aeeea98f0be7d2619818051e47c2a6729759044754796239ba08203b119fa3bfdb9920466fa924aca73894a1eaec0345dba6","ssdeep":"1536:BtIyNBi3MFYaQj7FCwsBlDOFIxuVox8D/zb:BnNIClDsIxuVS8nb","tlshash":"5e93d4a5a9c461fc6f2ae2659b8765e8f13cf671cc01daa0f105511d0fcbbf60613a3a","first_seen":"2025-06-07T20:44:36.433732Z","last_seen":"2026-05-04T13:32:42.318582Z","times_seen":68,"resource_available":false,"data":null}},"time_used":1074,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":862,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/common/getCoinList","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"OPTIONS /api/common/getCoinList HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:12 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dgehZuuPqFygiCWoWsqChV%2Fuqod5XtT%2B9ajdnE48VnkXV%2Fkc56f4XLnPxB5BwetB%2Fqn0PRIhoZAp0ZS5uT2NItAUptlc5f5tzn%2FTurT%2BWcRDivspdpmp3502BmXih%2FoJE67d2g%3D%3D\"}]}\r\ncf-ray: 9f67d01bb9e856a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":551,"timings":{"blocked":65,"dns":13,"connect":1,"send":0,"wait":417,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-89aece6b.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-89aece6b.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fMIb%2FslVrsUmZ8%2BobTxFvjc7mELt5XeA16fDPgKS9KNzSz89Q2W60SPk%2B544L0xYfjEHo6cvzMtzNxmeeTY38jaAyz64AubXMSC7TbBg76VvR9KTwqp%2BJLbRTnra\"}]}\r\netag: W/\"693393e4-1fe\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d01fea09568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (509)","md5":"265a79c4efd1371c08521a69b7c46372","sha1":"692e41e7a74c683f59eb0da79c30ed0d31fd17ee","sha256":"fe4cc4cbc91539e462eff006cdc414cd3621a7e1170a9ce3ae7e2ad4f6ddfb1b","sha512":"eb0566bff6252b28c7f8250a07c36d5c4fd61b5d2412227c9f4a037dc76b1741535c62e00137abe043d850c7b39465a8f333d357c545cb14e8660d74cf70406c","ssdeep":"","tlshash":"79f0c93f797a81b21bb388e8a1631820a6291b4a2754c494e8870a1097348e3e12e224","first_seen":"2026-02-24T15:46:17.933111Z","last_seen":"2026-05-04T13:28:51.878973Z","times_seen":7,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-56c8c855.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-56c8c855.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PM%2FPmbBpa%2Fo18iNPAYguN8v90KOAE4Ury5jdCK5Y1NYJ8Og5P2Rl3jPDY0TlsXUPM1UjrtUF9xj8EW55Qb0S5v0NMBDbZXoKEhBOP%2BdWsaWFVk42I6zMCWyjj7I1\"}]}\r\netag: W/\"693393e4-308\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d01fea1a568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":776,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (775)","md5":"03dfb7f83954b8563469a9259e4a6a02","sha1":"1dae5be362855ad7059f9ccdafdc0a549e3bf940","sha256":"1bdbd58741b25990771c4dafc4b429f57f86d52a2e2851ab5279731ecd22b695","sha512":"28e59cc300c6f9a337e5ca09f7d0c84ab5cfba08a4403ac84035c6a8698b6a62dbe9a38d36d8c9a878480b978dd355ace44cd861a86090c7d0d7d9b694999070","ssdeep":"","tlshash":"4801fdf9fc0d8ebb0fa20a4001903600140a1fddfa1419e198877d661be4940d7ce32d","first_seen":"2026-02-24T15:46:17.93483Z","last_seen":"2026-05-04T13:28:51.865249Z","times_seen":7,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/platform/dev/logo_144.png?2.0.1764987877129","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /platform/dev/logo_144.png?2.0.1764987877129 HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69339390-b5c\"\r\nexpires: Wed, 03 Jun 2026 13:22:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yGtwruXJ1S6tOKOxKJlW%2BV1RGPtkIv2OYxLjIjfYNMvoxpaUpAyitORZRLZNX%2BSirWd4tw1GHuovEooGCCCkSkfz99UugLcKlp%2BUm2tDNt9PTqAXVJiFMOx9lmc%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d0211b8d568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2908,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced","md5":"9a5a67a3b984ab223eef25ac3f419432","sha1":"5b07513414db526d86d32c3b8f42c0dbb62a8e71","sha256":"38055609c5d61aad696e97b746489c7f886b79cc069326312c6a111062019777","sha512":"4f610ac72700d9727ff6d32567b7d71a582a8c87eb067e4f33a8a910c66968514277df68c0794d1db6ce3a94ed0111003a71afd8cab40dcb3bc062dfb9f14bad","ssdeep":"","tlshash":"0c5119e6d89d003a4dd329b7b0f03e45fe7ab5fb5ab6330480972b3065552ab84d8327","first_seen":"2024-10-20T08:32:52.883488Z","last_seen":"2026-05-04T13:32:42.301574Z","times_seen":259,"resource_available":false,"data":null}},"time_used":642,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":642,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com//echo88bfa75b6de5b2448598e88eeeb94d099b.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET //echo88bfa75b6de5b2448598e88eeeb94d099b.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 5053\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87B724A5C79D99FB25\r\nAccept-Ranges: bytes\r\nETag: \"08E17A419FF22E3FB69D0ED1D1383F8D\"\r\nLast-Modified: Sat, 16 Aug 2025 09:35:18 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15894501242464551297\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: COF6QZ/yLj+2nQ7R0Tg/jQ==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":5053,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"08e17a419ff22e3fb69d0ed1d1383f8d","sha1":"c1e7c471d5afbb8194127a788fca0ad8cfd5d634","sha256":"0b2964d684b80bda932fe54e4c60258fb26848aece3910e54a85447f202ccd85","sha512":"3096fed486a70fa8df75e4a470d11c97da357393e1f681eb850b3f1e80317255dfcb3c6b51ce57afa83a5f7d3b18822d02f6915d3fae462edf34e2edbb827660","ssdeep":"96:CtretUIo8GlRxIC60W0DuL1dQcDnL/sp5lyONODQ59pEcm:CSo8cICjPGgXjODem","tlshash":"c1a19e0f7cd2ae26d388e34ba8510435f22f059889df92fe9c01ce9ee1278d8a594039","first_seen":"2026-02-24T15:46:17.952281Z","last_seen":"2026-05-04T13:28:51.866662Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2257,"timings":{"blocked":2036,"dns":0,"connect":0,"send":0,"wait":220,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88a13ab0e74bec4a8b8fc8fd1c30104d71.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88a13ab0e74bec4a8b8fc8fd1c30104d71.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2823\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87048FEFBEEBA62036\r\nAccept-Ranges: bytes\r\nETag: \"E2E92AA6957DC5665AC77E0571FD74A7\"\r\nLast-Modified: Sat, 16 Aug 2025 09:31:57 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6035980176649803087\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4ukqppV9xWZax34Fcf10pw==\r\nx-oss-server-time: 2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2823,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"e2e92aa6957dc5665ac77e0571fd74a7","sha1":"4bbbdaced519b35a2ec916c1864cab2b652d505e","sha256":"073c873b7d43e0bd5e336202634b4d2ea3dfc40322978017466139cf9ae36c2e","sha512":"32235ab34ac47a4dd0e726b67cacca86346353f24475d5358b3255ed49a47e00454f7e9dacc4460d27d292a650943fdfffaa671f91296ab97a59126520f9f51c","ssdeep":"","tlshash":"c551f603a7551001de369d80147cc12bff3e60206c412818baba986a61cfa61daddbdb","first_seen":"2026-02-24T15:46:17.915859Z","last_seen":"2026-05-04T13:28:51.842391Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2463,"timings":{"blocked":2241,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88fd1e9709b6f149ec9b48f3c496c8a9fd.jpg?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88fd1e9709b6f149ec9b48f3c496c8a9fd.jpg?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 53853\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D87048FEFBEEBA6203D\r\nAccept-Ranges: bytes\r\nETag: \"75AE93820961613CBF34A2C3628A9BDF\"\r\nLast-Modified: Fri, 05 Sep 2025 15:40:35 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4273115504496242059\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: da6TgglhYTy/NKLDYoqb3w==\r\nx-oss-server-time: 6\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":53853,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x300, components 3","md5":"75ae93820961613cbf34a2c3628a9bdf","sha1":"8a07b3d58f3dc032dca0d56ccd4a8027ddb48bd6","sha256":"bf1b5ce2e5ac0640798aff5f2f2164ae662d1d1b99cd623f3713609b1be7cddd","sha512":"737a8f93fdea8f9625d7237a18f6e6f8c8cdd304643d9dc049caccd4795e99d0f3d0494dc7b5b4e11894b97b07eebecae08b22b3f165d8f228a0fa9968a07f61","ssdeep":"1536:b+WRfLnjS4PEm8UR53/ej86jYgwK7NsX0GHAlK97Qdt:bRpLhJ8URx/b6jYgwKRnGHAlKdQL","tlshash":"3033f109c32ee5ead4ffbe7680ce9fd4e998d6435508e956bc3e42c017600985e9a287","first_seen":"2026-02-24T15:46:17.964089Z","last_seen":"2026-05-04T13:28:51.864049Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2040,"timings":{"blocked":1805,"dns":0,"connect":0,"send":0,"wait":231,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/common/getAllSetting","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlang: en-US\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WEuO492wH5OQgjPmkKJii2UCt4TUJniFvmX0VddWTGfEByQo1pfjwconVsVyCC9iztravdBfh8lC%2Ba6rVJZSPIOkQ3l95iekmqhP8lHCaifaIvLxzGROOoHVKs9Adr5z7%2F48lA%3D%3D\"}]}\r\ncf-ray: 9f67d01e4c7356a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12641,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d6d5bbef0f68633807a2231e73ba2f95","sha1":"b18c037e54ebd2b021266fd18b4ee4387bdf2096","sha256":"c4bebb69c6b5e0345c4356b7c0653ddf3df9b79daddb4281324b33265c8a71b2","sha512":"94dcc8270af84981040296ec6063b57a56ed7759723c6ea39bd45fd5192a2fad2f4600c7c0996e963664c8d074d4bf6b324b4eb18bfd26348143d9d4dca61eef","ssdeep":"192:r+9196OSpQ+okoL5+Rb3uc2hF/uHwyMSLRAOMNd5oaNO2/lYMNmbjDGkivXlOlu0:7uXdS22MUn6vkY1od","tlshash":"a042620a32f8cc7c97da1ac6d097bb49b68d38b7d450ec85e9e7ae0cd4699b5484f009","first_seen":"2026-04-23T15:57:14.272035Z","last_seen":"2026-05-04T13:28:51.839205Z","times_seen":4,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":403,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/filters-da545321.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/filters-da545321.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-c1e\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nage: 0\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4G1p6IkQ31atSHrZFMILj8Zv51%2Fxezf0rBdSj4bgYzvNSa11ndn%2F4IHLnU7sggJW7zrYVZXsGXVDk1Vvr3bWiQHnQlcPDy1P%2FzECMowl0vnTkGxOLn1clVDCztFf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01fea16568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3102,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3101)","md5":"7eec20503ac049c8657ccb54a1bda7b1","sha1":"196b2837df40d0b3461f7aefc4fde9e7772fd1b1","sha256":"8a29d415f8c090efc5c1bd87950a2f65c5534c12d27def4d2985470b0396fc3a","sha512":"72e1575a766847c97b9dd9b121cb8594623a7887cdf3dff324a5694559468b86f90cafe4d8e55e1ec789b7fe49892c5dadc164ad27c5bc98ed3f11b5185747c4","ssdeep":"","tlshash":"665134fdfdd7613356ea6ef940288450728ebe20686e0a49f54bd04659338c8e07f778","first_seen":"2026-02-24T15:46:17.914553Z","last_seen":"2026-05-04T13:28:51.832397Z","times_seen":7,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/common/getAllSetting","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"POST /api/common/getAllSetting HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nlanguage: en\r\nlang: en\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 04 May 2026 13:22:14 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-credentials: true\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6vp5tevA9DygdfFeCTm70KKUx7OsIXuTR994%2B2dbzB%2BS%2Fx83HEJJFCRdcgASRIty6Cccstmo76jyGLC8s2qmgeMDw%2FGfO24R2vpKxdI1C3jIZWq1IHjZQBFwAd3nuEh4%2BOfISQ%3D%3D\"}]}\r\ncf-ray: 9f67d0251b9b568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12641,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d6d5bbef0f68633807a2231e73ba2f95","sha1":"b18c037e54ebd2b021266fd18b4ee4387bdf2096","sha256":"c4bebb69c6b5e0345c4356b7c0653ddf3df9b79daddb4281324b33265c8a71b2","sha512":"94dcc8270af84981040296ec6063b57a56ed7759723c6ea39bd45fd5192a2fad2f4600c7c0996e963664c8d074d4bf6b324b4eb18bfd26348143d9d4dca61eef","ssdeep":"192:r+9196OSpQ+okoL5+Rb3uc2hF/uHwyMSLRAOMNd5oaNO2/lYMNmbjDGkivXlOlu0:7uXdS22MUn6vkY1od","tlshash":"a042620a32f8cc7c97da1ac6d097bb49b68d38b7d450ec85e9e7ae0cd4699b5484f009","first_seen":"2026-04-23T15:57:14.272035Z","last_seen":"2026-05-04T13:28:51.839205Z","times_seen":4,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/en-6169ce44.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/en-6169ce44.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-9e07\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F50Cj%2F8eAG54onvbSR5S%2B51pYkQ%2Fkc%2FA4i6H1Q3OrYiCNmgv4KWaTntOoFo70lHC%2FfqG8pngbdeLYvfCOL32%2BYjB%2BkxVtL14b6WmOpOwqeMyfixYr1DZYzv8Jk4%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01b3c7e568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40455,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (40432)","md5":"55cada4e190449da182532ea29301ee4","sha1":"2800ee14bf4e7d273767f19044ae204da6be74b6","sha256":"9ab1d24551348461e85e174b2bd63d102a31091580816479fa657e6067de7469","sha512":"32db0253b7585344433959693ebfcd8ffeffe0c0a0a0f94a2517a1139d7622de4ed824b9256af3b8c9067b961632d42caf6a763599a24741116a1da16e09afd5","ssdeep":"768:+GtZcEw/o7rKOdAFsifnAMC2rAaAMFVoP6+6sPG9w1mwO6fpk7aOLxf:iponKOdebE2rdFVLsPWwqLxf","tlshash":"6503d6893e1a989a04f3537674ce6e1120f60ac18255881f4fedc9fd93d2b67a363b34","first_seen":"2026-02-24T15:46:17.959734Z","last_seen":"2026-05-04T13:28:51.856787Z","times_seen":7,"resource_available":true,"data":null}},"time_used":827,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":827,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-63d048c9.css","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-63d048c9.css HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:12 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-27c4\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xxAuKimALJG9yLvk19nrQwXzHAceROAE8bKBWVGQZuFens0XMnn2OZgpz2Zj%2FzQ7X1vLG6OHKiR%2FRXBAMtKi83ELtRUQS4niNcc%2BB%2B%2F3HgQfWVt3T7%2F6rNBXerBB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01bad10568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10180,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (10179)","md5":"d9352ed5af4769b22f7ea5eded8ba1d8","sha1":"890fbd067f5719ca5a685ffa30a81ac26c7d9ed5","sha256":"63d048c9c86c4185612da92ad5da670f4a1ae98d66b6d778e87c451a5081e499","sha512":"a92fdd189244106023ab0aa40a4a7b505c277240c063d501608c231c3d370cfa15067658a59229d6fb3fb76ed4c2f645b1ecf3319d4cfebc88a9e75f41f22eba","ssdeep":"96:tYyGhezOETj+jXMp5mXUVM2tL0a5OsenD62rm8Ikc4rJNgLWrVYRN:tYhePf+EYveqDciJNgLWrVa","tlshash":"ae22532df3e52738ac37e266abd909cce10cb921e653dda4e56795220ddb1e3163048d","first_seen":"2026-02-24T15:46:17.944052Z","last_seen":"2026-05-04T13:28:51.885665Z","times_seen":7,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":7,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-89aece6b.js","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-89aece6b.js HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BwJcSkEi%2B6XeEq8We0TwJX9Lx5zO%2B5INbvPSGUaTp8jqHgaB%2Ba19bJEzLOIaY9yN34S%2B%2FJe0tkKVUEW%2FEcLWYQojQUx7ZWPBG0tlqlxgeXWFqgXOTRvmVdh%2FikjL\"}]}\r\netag: W/\"693393e4-1fe\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d01bad13568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":510,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (509)","md5":"265a79c4efd1371c08521a69b7c46372","sha1":"692e41e7a74c683f59eb0da79c30ed0d31fd17ee","sha256":"fe4cc4cbc91539e462eff006cdc414cd3621a7e1170a9ce3ae7e2ad4f6ddfb1b","sha512":"eb0566bff6252b28c7f8250a07c36d5c4fd61b5d2412227c9f4a037dc76b1741535c62e00137abe043d850c7b39465a8f333d357c545cb14e8660d74cf70406c","ssdeep":"","tlshash":"79f0c93f797a81b21bb388e8a1631820a6291b4a2754c494e8870a1097348e3e12e224","first_seen":"2026-02-24T15:46:17.933111Z","last_seen":"2026-05-04T13:28:51.878973Z","times_seen":7,"resource_available":true,"data":null}},"time_used":597,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo88288f8457e0094e99804d53e9259c4e93.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo88288f8457e0094e99804d53e9259c4e93.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2637\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D8777936D43C57C3389\r\nAccept-Ranges: bytes\r\nETag: \"6604B3D9DA2F03EE780C90BDE795DFC1\"\r\nLast-Modified: Sat, 16 Aug 2025 09:33:30 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14436689670045672361\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: ZgSz2dovA+54DJC955XfwQ==\r\nx-oss-server-time: 4\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"6604b3d9da2f03ee780c90bde795dfc1","sha1":"af042df5c05afed240ed9a122f91d0c7480821dc","sha256":"954f64cd412457234f9506503926b0cb71784293a269e5e0708b06ed5dc46fbb","sha512":"91208e4e2f04fd606a893844b4bfb698e3f29fa9edbdda317c8e949855f3477cceb42fd2aa15c15ddd6a55fcbacb839c8ca7a7858a497f7e754f9afa4b1a0dd1","ssdeep":"","tlshash":"3c5139b73546265bcdabe34e9eb910b3f37d8514abf381440de1cc6201379da8845b67","first_seen":"2026-02-24T15:46:17.940459Z","last_seen":"2026-05-04T13:28:51.840484Z","times_seen":7,"resource_available":false,"data":null}},"time_used":3591,"timings":{"blocked":1665,"dns":1537,"connect":22,"send":0,"wait":252,"receive":0,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"echo88.oss-accelerate.aliyuncs.com/echo8822119ff75707419fbbbb1eeb7f71ac8d.png?2.0.1764987877129","fqdn":"echo88.oss-accelerate.aliyuncs.com","domain":"aliyuncs.com","tld":"com"},"ip":{"addr":"47.254.187.165","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.oss-eu-central-1.aliyuncs.com","organization":"Alibaba (China) Technology Co., Ltd."},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 21 Jan 2026 05:48:22 GMT","end":"Sun, 07 Feb 2027 03:11:39 GMT"},"fingerprint":{"sha1":"64:86:8B:A7:E4:DC:0E:74:32:46:53:69:3C:B8:E4:89:DD:F6:BD:55","sha256":"B8:C1:A5:52:E0:02:69:05:3E:47:AF:74:43:E0:AC:57:AB:A5:93:BF:4E:FF:3B:47:70:FE:C7:D9:C7:08:29:93"}}},"request":{"raw":"GET /echo8822119ff75707419fbbbb1eeb7f71ac8d.png?2.0.1764987877129 HTTP/1.1\r\nHost: echo88.oss-accelerate.aliyuncs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: AliyunOSS\r\nDate: Mon, 04 May 2026 13:22:16 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 2823\r\nConnection: keep-alive\r\nx-oss-request-id: 69F89D8713F9D45280B37608\r\nAccept-Ranges: bytes\r\nETag: \"E2E92AA6957DC5665AC77E0571FD74A7\"\r\nLast-Modified: Sat, 16 Aug 2025 09:31:54 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6035980176649803087\r\nx-oss-storage-class: Standard\r\nCache-Control: no-cache\r\nx-oss-ec: 0048-00000110\r\nContent-Disposition: attachment\r\nx-oss-force-download: true\r\nContent-MD5: 4ukqppV9xWZax34Fcf10pw==\r\nx-oss-server-time: 3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":2823,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"e2e92aa6957dc5665ac77e0571fd74a7","sha1":"4bbbdaced519b35a2ec916c1864cab2b652d505e","sha256":"073c873b7d43e0bd5e336202634b4d2ea3dfc40322978017466139cf9ae36c2e","sha512":"32235ab34ac47a4dd0e726b67cacca86346353f24475d5358b3255ed49a47e00454f7e9dacc4460d27d292a650943fdfffaa671f91296ab97a59126520f9f51c","ssdeep":"","tlshash":"c551f603a7551001de369d80147cc12bff3e60206c412818baba986a61cfa61daddbdb","first_seen":"2026-02-24T15:46:17.915859Z","last_seen":"2026-05-04T13:28:51.842391Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2561,"timings":{"blocked":2312,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/resource/fonts/DINOT-Medium.otf","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /resource/fonts/DINOT-Medium.otf HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gstwjy.com/assets/index-43a475f0.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:14 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 73096\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:23:12 GMT\r\netag: \"69339390-11d88\"\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ijyCspiJP7dZxoRlRMS7w69Fu5GDIuJMAC31XjLKzLGtNe3H79ZAWYQXmJRqjdiSla9S3RoI0SPR0LRc%2FkgzLsAhJGqfQwhQHLewOiBqk0bESGl8Puqkcv4UqO1w\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d0224d6b568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73096,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ab876400560626fbe045633dc44f0748","sha1":"85bbfb1729e86f40ddc9af7197b5f54ed6136226","sha256":"5888b24f6b65ff7c989b4a258dbeb5d997320d61417371210da0258be21d854d","sha512":"82e96ade51b0570c1f691ba45d1a3c0802015dad7598954675c4abe2fa8a9fc705adbe6eb5e677aa5cc03b6704e594cfe99279c678855ebbbcbade6d5028dbd6","ssdeep":"1536:TlK/cP2D2oV7otQjBG1+acfZZHHDEdom1hvd5JItkB7k3Z:TKQQtG1yZSdomrvpIqcZ","tlshash":"0b636f031d4fb9548de4513a52de4ea34bb39ecc1ca493c30ae12d938fece6657152ae","first_seen":"2023-08-16T00:37:20Z","last_seen":"2026-05-04T13:32:42.324806Z","times_seen":897,"resource_available":false,"data":null}},"time_used":1008,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":810,"receive":198,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apiv8.ancenns.com/api/notice/list?key=ROLL_NOTICE","fqdn":"apiv8.ancenns.com","domain":"ancenns.com","tld":"com"},"ip":{"addr":"104.21.55.131","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:13.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ancenns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 29 Mar 2026 11:20:56 GMT","end":"Sat, 27 Jun 2026 12:16:59 GMT"},"fingerprint":{"sha1":"DA:73:3E:84:54:58:F6:18:15:EF:6B:C9:9C:60:40:B0:C7:A9:E0:DD","sha256":"CE:81:5A:E8:E4:E9:31:4E:94:8C:F7:E9:C2:FD:43:CB:DC:AB:CF:59:D9:AD:C0:8D:D8:FC:27:14:E5:E2:DF:6D"}}},"request":{"raw":"OPTIONS /api/notice/list?key=ROLL_NOTICE HTTP/1.1\r\nHost: apiv8.ancenns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: lang,language\r\nOrigin: https://gstwjy.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://gstwjy.com\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: lang, language\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 1800\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DiTWuDZ1huSVGoK4TT1rxPgAkqcW9xmnoEMPbc3I2BIscpyBDcEefTaeK%2B%2BH%2FlB%2Bibw1QZIrNBidXhwsHDdpgXC%2FmK6QDHW%2BPS23X%2BBDHienHAUyuqu4JhnDjXZJz%2FMkrXUjJA%3D%3D\"}]}\r\ncf-ray: 9f67d02268ff56a5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T17:05:16.84953Z","times_seen":14645188,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"apiv8.ancenns.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/index-d253bac1.css","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/index-d253bac1.css HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:12 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BeR6bWn4iN2DOwtGPbKp7aJZGZuvcWb%2FKPQBPX6s1519RpGuEdezvjC3x%2BcfIFlpztw13yTFE7%2BewD7BCahmTV%2FWC9rdfUiODMH8gRs7f9QaVhK5Zi6bKKiV09xO\"}]}\r\netag: W/\"693393e4-3d\"\r\ncontent-encoding: br\r\ncf-ray: 9f67d01b8ce6568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"c88360cef8df86c995e562333879873a","sha1":"8674b487cf92f20149c0ef681b42a599469813bf","sha256":"d253bac175b5b52734c192e96d18c8b26b0c92b881584f63b7de91bff96c6149","sha512":"eeeb5ec01fe8c7d483182fc60a2b54ee1d02994718fd9b23a6182f49ead49d889889f21592b2955bcac8cc859023204782db3210d3a0c706a3e4677564db3636","ssdeep":"","tlshash":"f6a0026d11156404b2225341ff5ff95dce686917da91820453421c9135cbe8f25d821b","first_seen":"2024-07-24T17:37:43Z","last_seen":"2026-05-04T13:34:50.772959Z","times_seen":301,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gstwjy.com/assets/currencyItem-15550dda.css","fqdn":"gstwjy.com","domain":"gstwjy.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gstwjy.com/","date":"2026-05-04T13:22:12.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gstwjy.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 03:35:28 GMT","end":"Mon, 29 Jun 2026 03:35:27 GMT"},"fingerprint":{"sha1":"27:70:19:A0:08:F9:D3:35:82:68:2F:CA:E9:2B:A2:18:C0:5B:52:1E","sha256":"2B:A8:79:B1:3E:D2:54:72:3A:FD:A5:42:D0:59:45:4D:1F:56:EF:75:DD:A0:90:8B:3A:08:ED:05:59:0F:88:D7"}}},"request":{"raw":"GET /assets/currencyItem-15550dda.css HTTP/1.1\r\nHost: gstwjy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 13:22:13 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 06 Dec 2025 02:24:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"693393e4-6d6\"\r\nexpires: Tue, 05 May 2026 01:22:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=15552000; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=2,i=?0\r\nx-content-type-options: nosniff\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RaCvYdc0WKIA7M1c20f5VlXzN9wDgKepSZBlskItqZy2cfEz1v%2Bhru2WrJXwymYavfulw2YCTgGu4WQL38bN9I9jqB4VN39oGhv7tq1yXNR2SZuSr4CHoSW%2BjuxS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f67d01bad0e568f-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1750,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1749)","md5":"0a88af6b4dca3c130c74addeb274fb10","sha1":"fb0c4b8a0f7b7c4bac8e193999f99b4070ffcfad","sha256":"15550dda13edd7fe55a2d29edacb7ba57f23f39ef10d087669c0f75facae0763","sha512":"5d046b442f0f471b2063fcd34fb68b1d95b79647ec7e50cf5290ebd866febcd12e9b890a1784512959c4f4a433d3f31d57540254b4e0abbb6f55dc7773677619","ssdeep":"","tlshash":"ed31c05457110375da3bc8866ea8010dc0d47fd1901765cae8afaa2b2ccfa931b7096b","first_seen":"2024-08-19T15:53:11.157884Z","last_seen":"2026-05-04T13:28:51.868038Z","times_seen":332,"resource_available":false,"data":null}},"time_used":660,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":651,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gstwjy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}