{"report_id":"452737be-5d11-47e1-b17d-5ff1dd42a5f8","version":0,"status":"done","tags":[],"date":"2026-06-27T16:23:30Z","url":{"schema":"http","addr":"g3user.com","fqdn":"g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"203.107.45.167","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"www.g3user.com/","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"title":"G3云平台 - 会员登录def","dom":{"size":34776,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (28110)","md5":"cf02e45823693e37012a99328117e85a","sha1":"6828692f467baeeaf9418495ea55a66666fff0a8","sha256":"5eefc3485a7d71abe3769e137392c5bf04c90deda30781cdeb30ea991885b37d","sha512":"49082bd39d812336dd8623da8fb5eabfdc0f02d4316f109fb3709e29fc54c1858ac0735ad1c5ba4ecb8c20c3470c4f3d308963654d1986f64c2b3fa39eca48cc","ssdeep":"768:OakrhjrGUk5eKgH+Av1jG/TGxpXe2pIZw7ie:tkrhjrGUk5eKgH+Av1jG/TM1pIZqie","tlshash":"38f2b6209e82102fe5b3841d70d3779d3a39e167e2135ebcb39de8a8c7da8971527748","dom_hash":"domhashee204c1c31f3578e4ff897b126a26767","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"g3user.com","fqdn":"g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"203.107.45.167","port":0,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-01T16:23:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.g3user.com","ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2016-05-16","domain_rank":0,"first_seen":"2026-06-27T16:23:31.709859Z","last_seen":"2026-06-27T16:23:31.709859Z","alert_count":10,"request_count":10,"received_data":430902,"sent_data":5352,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.2.4","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud CDN","description":"Alibaba Cloud CDN is a global network of servers designed to deliver high-performance, low-latency content to users around the world. It is a cloud-based service provided by Alibaba Cloud, a subsidiary of the Alibaba Group, that enables businesses to accelerate the delivery of their web content, including images, videos, and static files, to end-users.","website":"https://www.alibabacloud.com/product/content-delivery-network","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fourier.alibaba.com","ip":{"addr":"47.246.167.183","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"domain_registered":"1999-04-15","domain_rank":73547,"first_seen":"2017-12-29T06:57:08Z","last_seen":"2026-06-26T22:06:57.0791Z","alert_count":0,"request_count":1,"received_data":260,"sent_data":911,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cf.aliyun.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2007-09-28","domain_rank":465639,"first_seen":"2015-11-12T16:39:08Z","last_seen":"2026-06-24T10:25:24.511637Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":637,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gm.mmstat.com","ip":{"addr":"140.205.151.7","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2007-12-25","domain_rank":104988,"first_seen":"2013-09-16T03:47:12Z","last_seen":"2026-06-26T22:32:59.916587Z","alert_count":0,"request_count":2,"received_data":848,"sent_data":2347,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"g.alicdn.com","ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"domain_registered":"2008-06-25","domain_rank":38802,"first_seen":"2014-10-06T08:39:58Z","last_seen":"2026-06-26T00:27:27.293796Z","alert_count":0,"request_count":6,"received_data":997441,"sent_data":2857,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"ynuf.aliapp.org","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2008-01-04","domain_rank":49898,"first_seen":"2017-01-30T07:25:30Z","last_seen":"2026-06-27T07:06:50.454113Z","alert_count":0,"request_count":2,"received_data":795,"sent_data":1028,"comment":"","tags":null,"fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"g3user.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2016-05-16","domain_rank":2017899,"first_seen":"2026-06-27T16:23:31.708746Z","last_seen":"2026-06-27T16:23:31.708746Z","alert_count":2,"request_count":2,"received_data":260,"sent_data":874,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"g.alicdn.com/sd/ncpc/nc.js?t=1468897068092","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"11998461d3d77dde9e7ef72a65e08429","sha1":"3863ac62c17ae5e0de527e1a8eeaea40e07c2531","sha256":"994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a","sha512":"b43185549d78f17805626a4252fcf8a95d9c608d00e5c0384800b6f6a4669b8dbd9770bd4a8111e81f8bebdc94e07900f29f81a8cc11ec59310fb0a57354779e","ssdeep":"6144:82FkFcwdCl/viCF7TWjO9vE6qTYEBJg4EOBFuYyLJi:+dCl/viCF7vE6qvBK4EOBH","tlshash":"52244ad9b382301e06a354acdcff360e71369982a805c978fbb1d4d69b7895b511bf2c","size":221174,"data":"","first_seen":"2023-08-15T13:48:39Z","last_seen":"2026-07-01T20:52:37.700254Z","times_seen":59959,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/js/jquery.min.js","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8d64d0bc142b3f670cc0611b0aebcae","sha1":"abcd2ba13348f178b17141b445bc99f1917d47af","sha256":"47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4","sha512":"a684abbe37e8047c55c394366b012cc9ae5d682d29d340bc48a37be1a549aeced72de6408bedfed776a14611e6f3374015b236fbf49422b2982ef18125ff47dc","ssdeep":"1536:8YRKUfAjtledhTmtaFyQHGvCXsedOgRc9izzr4yff8teLvHHEjam7W5X3yzSiLnM:VUb6GvCu09s2o2skAieW","tlshash":"b393e7d9b2d67123c7b731b850af510bb17698aa784c8c50f068d8e4be74a48907bf7d","size":94840,"data":"","first_seen":"2023-03-07T01:03:23Z","last_seen":"2026-07-01T22:29:15.848246Z","times_seen":23186,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/js/wslider.js?v=0721","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa377f1eb364e8b5c2a7927b9079ec04","sha1":"564e157539c985e707bfe83d83126f858a468fe1","sha256":"0ba9625dc8c37aada69c575aa79b29ddad1c8d1deaadcc8830b28cb00259cc12","sha512":"f1205523446cf7eda4ac9bdf550930a4db5a7d43af9ed97a18aa4881220a0be34634a846d0d508c20490aaebd3deee191d9fe6f6497c1bd207696b3231ab7a0d","ssdeep":"","tlshash":"5a21366a75532a68a13223349b7f5c04ddab10270b0397c0bea590e55ff020ca65dffc","size":1130,"data":"","first_seen":"2026-06-27T16:23:40.649949Z","last_seen":"2026-06-27T16:23:40.649949Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/WebUMID/1.93.0/um.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a4cff78229e56fde5f28d1999679a1d1","sha1":"8d8f89aa7d26569337192dce8a12daaa1867bcd4","sha256":"4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0","sha512":"93f873e74d03bbd48c545b3d2f58b3f760a2c4326d9ceb6fb2c5977724e81bb6d90f00c3cb4cd3e453557ea59ab4c738192c2d872ec7876558bddffa923d2932","ssdeep":"3072:/T4+7vhrLHWDoCY1tNvVxejYl/kPEs2Hu9NfH8v3V3QDz:7XCjd28z","tlshash":"46048fa5b893008e112ad7fd146b3dda9d19c8a1e5490df3193ac797ed92ac350cb0fb","size":177654,"data":"","first_seen":"2023-03-13T19:52:52Z","last_seen":"2026-07-01T22:37:02.415977Z","times_seen":23941,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/js/login.js?v=0721","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5bacc01a12006d8fb5bf96b1cadca9d","sha1":"113d37deff148fa404553e66c879602953bd068e","sha256":"6f26d9a65904281f20c72290da1676e17ee207c57799148db6d61ab77dbd8913","sha512":"434a86f55193db8a2d9501f53096d8058ea897d8e7101d8955b990b0846d3517b2f93047cdf1b1774572e25e166eb9f2edd3636372d8a27f47ed56df095b7014","ssdeep":"192:+jZiEHVmF45KwdVCm+bYEAlKyPzKjzkP0M:+jZiTOsHm+cIkzKjzkP0M","tlshash":"bd027109bd49292841b7737d976fa288fd7661230546d70abdfdc6903f34c52802aeee","size":8938,"data":"","first_seen":"2026-06-27T16:23:40.642721Z","last_seen":"2026-06-27T16:23:40.642721Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/js/bindanchor.js","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"421662109475ab27b6b3588ebdef4e52","sha1":"75b67b28a351cbdf88598f251b8e59779ad34ef8","sha256":"ca66707afac7909904f0668c924ca224700e8adee9a2e8dca88b563187f37c22","sha512":"5392b4dd72a03b60ab3e0a0da60ad532910e9f0124981a40766e7724120406f387048cb3effd50fa45d0da795d425ce68eec0b4a628dcf7d1f6853f55bc5e7af","ssdeep":"","tlshash":"2a7154c4324ec93e679023e247fef11ce86ed0720751a5a8fda79a956ce460d0329b69","size":3647,"data":"","first_seen":"2026-06-27T16:23:40.647871Z","last_seen":"2026-06-27T16:23:40.647871Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/AWSC/awsc.js?_t=247580","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0449654aed6407a2526f3ced660d3aad","sha1":"672139f00638f9c596ee6db7ac38b5df59deff12","sha256":"454463459ab3819af7cd400a3f14f8c71beba1958b1459f042e7205ea0d9e358","sha512":"c8e6e25be196a5947c4d6211f20a0747b216e58f066713beaf08deb98b5e4eba6cc996021f6063265a082ed183fa6130449da1348d7516928da35f42853e3111","ssdeep":"192:pTat7umFhdVJdHjzCYJKjvR1YJ5JW3S+jHa8C4T9tSQjPKczC:E5JVZcjvR1A5JW3lHQc3Y","tlshash":"5232e7cf3a60715b6b624c72f8bf1148393b2ae7144dd055aa4ce4c066bc37e196bed8","size":10956,"data":"","first_seen":"2026-06-08T10:37:17.904993Z","last_seen":"2026-07-01T22:37:02.440298Z","times_seen":156,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/et/1.83.41/et_f.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f2b022029efa2e167bcaa47c141e436d","sha1":"d8e3ec5d9b00ac0f28661b2cbb789887a1813345","sha256":"85b7432e3f622aeaa14fa5daca54438b4f4c0e2d3d98466957a48f9090f0bc01","sha512":"15108947d13ee9a7bd4481b6330e07e7f5718ee63403771a79cd587217eb3bf0d459ef3fe1b820f465a4c61ba8ba66f9cd1484004d4fbedd8538b8585c0249b0","ssdeep":"6144:e1AScATvc2DAjCEte/7lgPhp5i53K6kK1:e1AcD6W60m4","tlshash":"8b643f695123044d1261c7fd253b38caac68c910c5980cfb6e32d797dca9ad368e79fb","size":320510,"data":"","first_seen":"2025-12-03T22:41:41.949634Z","last_seen":"2026-07-01T22:52:45.972248Z","times_seen":10115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/uab/1.140.0/collina.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"75fb6b94dcb3a9c89abb59a3ffd7546f","sha1":"96101820857ef511ba83017e928aeeb88353b162","sha256":"04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58","sha512":"e02e6e241f2c231af62b43429b6ca36e2f25df8349642c22fcb6fb1e16e4ecc607895811fb42b181f8acea5045a89418613f3d84675741f85deb1dab8bba9b32","ssdeep":"3072:HH9gsRbGOIfgbp2wnp4f0xMu5kKP88///Bi1ZJiEmtaIv9YkKTWA2L/Qe1YdFpBk:wk/plx55kKDsZJiESap20tFDIvx","tlshash":"f434e8f9a21385cc4678c0d1a937f7dd0491b8080f980c99b724eab99cbdf6769dc92d","size":248730,"data":"","first_seen":"2023-03-07T01:26:04Z","last_seen":"2026-07-01T21:39:17.628137Z","times_seen":21819,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"introduction_type":"Function","is_inline":false,"md5":"8d46e2bc77fb0b41f87ccf9a32df5d25","sha1":"c22a372d491a29e212169e6db5a44a53369b6935","sha256":"457e7360a585f828fa0887299245267fd923f6036471a3250665b8b9d3c623af","sha512":"65d5b46c23c71d20d7c3b64a4d3f75c36e26db711db8308e8a225d23544dcb1172d0f972d08c3cd3b83a12995bc4e2aa869af527009647f81771fccf1aada5e1","ssdeep":"","tlshash":"fda022c020c000822bb300b0082baf00b0a00c30a0888808f0c8fc020c800e08008e2e","size":66,"data":"","first_seen":"2023-04-12T01:32:23Z","last_seen":"2026-07-01T21:39:17.758295Z","times_seen":45617,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"map[actor:server1.conn0.watcher14.process7//obj33 class:RegExp displayString:/_n1t|_n1z/ extensible:true frozen:false isError:false ownPropertyLength:2 sealed:false type:object]","filename":"https://g.alicdn.com/AWSC/et/1.83.41/et_f.js","line_number":2,"column_number":264728}]},"http":[{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/et/1.83.41/et_f.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:10.236Z","timestamp":1782577390236,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":""},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 25 Mar 2026 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:35:9B:C3:B4:D8:FB:F0:34:45:8B:01:57:DA:05:14:55:73:CD:F9","sha256":"A9:F8:4E:8C:58:1F:17:02:7E:7F:A2:E1:40:E5:2F:83:85:BA:0B:69:1C:A6:4C:D0:47:24:81:D6:20:F3:E3:CE"}}},"request":{"raw":"GET /AWSC/et/1.83.41/et_f.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\ncontent-length: 111774\r\nserver: Tengine\r\nx-oss-request-id: 69DA3CA4D5460939326DBE92\r\naccept-ranges: bytes\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 4537272976050818497\r\nx-oss-storage-class: Standard\r\ncontent-encoding: gzip\r\ncontent-md5: TR8moodXrD2OyFVUv5Wihg==\r\nx-oss-server-time: 20\r\nx-bucket-code: 3\r\nups-target-key: cdn-relay.vipserver\r\nx-protocol: HTTP/1.1\r\neagleeye-traceid: 211b87fe17759100529124711e111c\r\nstrict-transport-security: max-age=0\r\ns-brt: 26\r\ns-rt: 26\r\ncache-control: max-age=406229, s-maxage=86400\r\nexpires: Thu, 02 Jul 2026 09:13:39 GMT\r\ndate: Sat, 27 Jun 2026 16:23:10 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nvary: Accept-Encoding\r\nquic-version: 0x00000001\r\nserved-from: 23.213.134.142\r\nnetwork_info: NO_OSLO_50304\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: FW_IP\r\nfw_ip: 23.214.96.142\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":320510,"size_decoded":112707,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (61374)","md5":"f2b022029efa2e167bcaa47c141e436d","sha1":"d8e3ec5d9b00ac0f28661b2cbb789887a1813345","sha256":"85b7432e3f622aeaa14fa5daca54438b4f4c0e2d3d98466957a48f9090f0bc01","sha512":"15108947d13ee9a7bd4481b6330e07e7f5718ee63403771a79cd587217eb3bf0d459ef3fe1b820f465a4c61ba8ba66f9cd1484004d4fbedd8538b8585c0249b0","ssdeep":"6144:e1AScATvc2DAjCEte/7lgPhp5i53K6kK1:e1AcD6W60m4","tlshash":"8b643f695123044d1261c7fd253b38caac68c910c5980cfb6e32d797dca9ad368e79fb","first_seen":"2025-12-03T22:41:41.949634Z","last_seen":"2026-07-01T22:52:45.972248Z","times_seen":10115,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ynuf.aliapp.org/w/wu.json","fqdn":"ynuf.aliapp.org","domain":"aliapp.org","tld":"org"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:10.728Z","timestamp":1782577390728,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /w/wu.json HTTP/1.1\r\nHost: ynuf.aliapp.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T23:08:01.783777Z","times_seen":16894679,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g3user.com/","fqdn":"g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T16:23:01.558Z","timestamp":1782577381558,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T23:08:01.783777Z","times_seen":16894679,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T16:23:07.266Z","timestamp":1782577387266,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.2.4\r\nset-cookie: uc_operation=1782577388; path=/; secure\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"PHP:7.2.4","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud CDN","description":"Alibaba Cloud CDN is a global network of servers designed to deliver high-performance, low-latency content to users around the world. It is a cloud-based service provided by Alibaba Cloud, a subsidiary of the Alibaba Group, that enables businesses to accelerate the delivery of their web content, including images, videos, and static files, to end-users.","website":"https://www.alibabacloud.com/product/content-delivery-network","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":6751,"size_decoded":3027,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4973)","md5":"261fb88d2529a34031bfe1f19e33065c","sha1":"60b66902c9ee058e170865d31dc9afd5d16af66a","sha256":"718ff746691317bef861f727e9e131dc408fa0fd0040c19d94e1aaf268e3e899","sha512":"fc83bbdf34b003fb0772a2a14bad6c9ac409ddc0480e7b40659fd4ce1e60cae89af1e879009444f12b975c67575edae545991523a67757fc565675436e2809a7","ssdeep":"192:M6EfPlxjBIC3nWAxZKyDn+fpW4lFalvWrWOc:MdvVIC3fKwn+fjul","tlshash":"a2d196156ce5c85b4043c6d4e0f6ef6daf96c256c7425e44f2fc0ae56bc7e868c13289","first_seen":"2026-06-27T16:23:40.640895Z","last_seen":"2026-06-27T16:23:40.640895Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1786,"timings":{"blocked":0,"dns":3,"connect":215,"send":0,"wait":240,"receive":0,"ssl":1328},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/js/jquery.min.js","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.303Z","timestamp":1782577389303,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET /js/jquery.min.js HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nCookie: uc_operation=1782577388\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 15 May 2019 10:33:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5cdbeaed-17278\"\r\nexpires: Sun, 28 Jun 2026 04:23:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":94840,"size_decoded":33985,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)","md5":"b8d64d0bc142b3f670cc0611b0aebcae","sha1":"abcd2ba13348f178b17141b445bc99f1917d47af","sha256":"47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4","sha512":"a684abbe37e8047c55c394366b012cc9ae5d682d29d340bc48a37be1a549aeced72de6408bedfed776a14611e6f3374015b236fbf49422b2982ef18125ff47dc","ssdeep":"1536:8YRKUfAjtledhTmtaFyQHGvCXsedOgRc9izzr4yff8teLvHHEjam7W5X3yzSiLnM:VUb6GvCu09s2o2skAieW","tlshash":"b393e7d9b2d67123c7b731b850af510bb17698aa784c8c50f068d8e4be74a48907bf7d","first_seen":"2023-03-07T01:03:23Z","last_seen":"2026-07-01T22:29:15.848246Z","times_seen":23186,"resource_available":true,"data":null}},"time_used":639,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":639,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/js/login.js?v=0721","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.342Z","timestamp":1782577389342,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET /js/login.js?v=0721 HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nCookie: uc_operation=1782577388\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 04 Jun 2021 09:28:15 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60b9f22f-22ea\"\r\nexpires: Sun, 28 Jun 2026 04:23:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8938,"size_decoded":3797,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"b5bacc01a12006d8fb5bf96b1cadca9d","sha1":"113d37deff148fa404553e66c879602953bd068e","sha256":"6f26d9a65904281f20c72290da1676e17ee207c57799148db6d61ab77dbd8913","sha512":"434a86f55193db8a2d9501f53096d8058ea897d8e7101d8955b990b0846d3517b2f93047cdf1b1774572e25e166eb9f2edd3636372d8a27f47ed56df095b7014","ssdeep":"192:+jZiEHVmF45KwdVCm+bYEAlKyPzKjzkP0M:+jZiTOsHm+cIkzKjzkP0M","tlshash":"bd027109bd49292841b7737d976fa288fd7661230546d70abdfdc6903f34c52802aeee","first_seen":"2026-06-27T16:23:40.642721Z","last_seen":"2026-06-27T16:23:40.642721Z","times_seen":1,"resource_available":true,"data":null}},"time_used":821,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":821,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/images/xin/logo.png","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.351Z","timestamp":1782577389351,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET /images/xin/logo.png HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nCookie: uc_operation=1782577388\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 4443\r\nlast-modified: Tue, 15 Jun 2021 09:18:39 GMT\r\netag: \"60c8706f-115b\"\r\nexpires: Mon, 27 Jul 2026 16:23:09 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4443,"size_decoded":4785,"mime_type":"image/png","magic":"PNG image data, 148 x 52, 8-bit/color RGBA, non-interlaced","md5":"9818779d5b9659bb19d10b509741e259","sha1":"42d9e96a8d0d81071e2fce945e8674366164d221","sha256":"cd063d388634bf66f2f748a78401b857a861fb8b1e054a2a1abc203f2f810c24","sha512":"18f23e45045a968302915aef06b80e6b8a4fba29e068e1f21489fd8b618825859dabfb7ca18c9df4e1c4211f621951e752c4b8bf61665b8c2571ae55a70dbd80","ssdeep":"96:C+p2neGYBNbN11OBnq0jQmCVOKwd+/FrJivqOxUc4NoWk8Mtze8l1:p7GaNBP1Dwy/iiOxUc3Wk8Mtz5z","tlshash":"69916d4e0cb579c1c9f5058db6df6dbd14a9b179e0debc1cababab4a476c008b720401","first_seen":"2026-06-27T16:23:40.64386Z","last_seen":"2026-06-27T16:23:40.64386Z","times_seen":1,"resource_available":false,"data":null}},"time_used":812,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":812,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/uab/1.140.0/collina.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:10.238Z","timestamp":1782577390238,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":""},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 25 Mar 2026 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:35:9B:C3:B4:D8:FB:F0:34:45:8B:01:57:DA:05:14:55:73:CD:F9","sha256":"A9:F8:4E:8C:58:1F:17:02:7E:7F:A2:E1:40:E5:2F:83:85:BA:0B:69:1C:A6:4C:D0:47:24:81:D6:20:F3:E3:CE"}}},"request":{"raw":"GET /AWSC/uab/1.140.0/collina.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nserver: Tengine\r\nx-oss-request-id: 6A2AF7D4BA970F30337E7ACC\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 17940526130122019226\r\nx-oss-storage-class: Standard\r\ncontent-md5: dftrlNyzqciau1mj/9dUbw==\r\nx-oss-server-time: 38\r\ncontent-encoding: gzip\r\nx-bucket-code: 3\r\nups-target-key: cdn-relay.vipserver\r\nx-protocol: HTTP/1.1\r\neagleeye-traceid: 21038cce17812008527751274e0da9\r\nstrict-transport-security: max-age=0\r\ns-brt: 50\r\ns-rt: 51\r\ncontent-length: 105494\r\ncache-control: max-age=1215462, s-maxage=86400\r\nexpires: Sat, 11 Jul 2026 18:00:52 GMT\r\ndate: Sat, 27 Jun 2026 16:23:10 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nvary: Accept-Encoding\r\nquic-version: 0x00000001\r\nserved-from: 23.213.134.142\r\nnetwork_info: NO_OSLO_50304\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: FW_IP\r\nfw_ip: 23.214.96.142\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":248730,"size_decoded":106407,"mime_type":"application/javascript","magic":"data","md5":"75fb6b94dcb3a9c89abb59a3ffd7546f","sha1":"96101820857ef511ba83017e928aeeb88353b162","sha256":"04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58","sha512":"e02e6e241f2c231af62b43429b6ca36e2f25df8349642c22fcb6fb1e16e4ecc607895811fb42b181f8acea5045a89418613f3d84675741f85deb1dab8bba9b32","ssdeep":"3072:HH9gsRbGOIfgbp2wnp4f0xMu5kKP88///Bi1ZJiEmtaIv9YkKTWA2L/Qe1YdFpBk:wk/plx55kKDsZJiESap20tFDIvx","tlshash":"f434e8f9a21385cc4678c0d1a937f7dd0491b8080f980c99b724eab99cbdf6769dc92d","first_seen":"2023-03-07T01:26:04Z","last_seen":"2026-07-01T21:39:17.628137Z","times_seen":21819,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/WebUMID/1.93.0/um.js","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:10.242Z","timestamp":1782577390242,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":""},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 25 Mar 2026 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:35:9B:C3:B4:D8:FB:F0:34:45:8B:01:57:DA:05:14:55:73:CD:F9","sha256":"A9:F8:4E:8C:58:1F:17:02:7E:7F:A2:E1:40:E5:2F:83:85:BA:0B:69:1C:A6:4C:D0:47:24:81:D6:20:F3:E3:CE"}}},"request":{"raw":"GET /AWSC/WebUMID/1.93.0/um.js HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nserver: Tengine\r\nx-oss-request-id: 6A079979B0CAA236353C5E13\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 2332966527039349753\r\nx-oss-storage-class: Standard\r\ncontent-md5: pM/3ginlb95fKNGZlnmh0Q==\r\nx-oss-server-time: 21\r\ncontent-encoding: gzip\r\nx-bucket-code: 3\r\nups-target-key: cdn-relay.vipserver\r\nx-protocol: HTTP/1.1\r\neagleeye-traceid: 21038cce17788829371345075e1116\r\nstrict-transport-security: max-age=0\r\ns-brt: 41\r\ns-rt: 41\r\ncontent-length: 67905\r\ncache-control: max-age=1086808, s-maxage=86400\r\nexpires: Fri, 10 Jul 2026 06:16:38 GMT\r\ndate: Sat, 27 Jun 2026 16:23:10 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nvary: Accept-Encoding\r\nquic-version: 0x00000001\r\nserved-from: 23.213.134.142\r\nnetwork_info: NO_OSLO_50304\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: FW_IP\r\nfw_ip: 23.214.96.142\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":177654,"size_decoded":68816,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a4cff78229e56fde5f28d1999679a1d1","sha1":"8d8f89aa7d26569337192dce8a12daaa1867bcd4","sha256":"4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0","sha512":"93f873e74d03bbd48c545b3d2f58b3f760a2c4326d9ceb6fb2c5977724e81bb6d90f00c3cb4cd3e453557ea59ab4c738192c2d872ec7876558bddffa923d2932","ssdeep":"3072:/T4+7vhrLHWDoCY1tNvVxejYl/kPEs2Hu9NfH8v3V3QDz:7XCjd28z","tlshash":"46048fa5b893008e112ad7fd146b3dda9d19c8a1e5490df3193ac797ed92ac350cb0fb","first_seen":"2023-03-13T19:52:52Z","last_seen":"2026-07-01T22:37:02.415977Z","times_seen":23941,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/css/w.min.css?v=110","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.296Z","timestamp":1782577389296,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET /css/w.min.css?v=110 HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nCookie: uc_operation=1782577388\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 15 Jun 2021 09:13:37 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60c86f41-524c\"\r\nexpires: Sun, 28 Jun 2026 04:23:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21068,"size_decoded":5068,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"e21fb596de77a9cd446140eaad6c7d65","sha1":"02238e6bff155216ea96e571892fefa82a24b840","sha256":"e90e806c98a5b188c65378b51275ef6c47bafd994f49064b75ff93bfc5376d58","sha512":"82876db189615233d5f1d7b42fc6e4043c3952c1d4f3c9423fcb88f041ef9f17c2aea9be9f4b0344cadab5454b0635aaea969ff12411542f6819e4c0a7791da8","ssdeep":"384:xgVTMBl4aUDCrCLXcGkb32JfztLf0xks/gLeUEktWfCuH6ZszwwMt:ZQ0xkHLwC","tlshash":"8a924014ca456109b63be6f5b7624b95b72e5043b7034bbdbff431a8e28a88c4136fc4","first_seen":"2026-06-27T16:23:40.64595Z","last_seen":"2026-06-27T16:23:40.64595Z","times_seen":1,"resource_available":false,"data":null}},"time_used":430,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":430,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/sd/ncpc/nc.css?t=1468897068092","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.299Z","timestamp":1782577389299,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":""},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 25 Mar 2026 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:35:9B:C3:B4:D8:FB:F0:34:45:8B:01:57:DA:05:14:55:73:CD:F9","sha256":"A9:F8:4E:8C:58:1F:17:02:7E:7F:A2:E1:40:E5:2F:83:85:BA:0B:69:1C:A6:4C:D0:47:24:81:D6:20:F3:E3:CE"}}},"request":{"raw":"GET /sd/ncpc/nc.css?t=1468897068092 HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css\r\nserver: Tengine\r\nx-oss-request-id: 6A3FF8EDD7AA7A3433F0D749\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 5636844986190581733\r\nx-oss-storage-class: Standard\r\ncontent-md5: W6ueR/1LD7hdBy9TKg9Iaw==\r\nx-oss-server-time: 3\r\ncontent-encoding: gzip\r\nx-bucket-code: 3\r\nups-target-key: cdn-relay.vipserver\r\nx-protocol: HTTP/1.1\r\neagleeye-traceid: 211b761b17825773894246310e0e61\r\nstrict-transport-security: max-age=0\r\ns-brt: 9\r\ns-rt: 9\r\ncontent-length: 3099\r\ncache-control: max-age=3600, s-maxage=3600\r\nexpires: Sat, 27 Jun 2026 17:23:09 GMT\r\ndate: Sat, 27 Jun 2026 16:23:09 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nvary: Accept-Encoding\r\nserved-from: 23.213.134.143\r\nnetwork_info: NO_OSLO_50304\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: FW_IP\r\nfw_ip: 23.214.96.142\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12991,"size_decoded":3982,"mime_type":"text/css","magic":"ASCII text, with very long lines (12973)","md5":"5bab9e47fd4b0fb85d072f532a0f486b","sha1":"911d6b1918657d2893ac319e21a887991f4ac8d5","sha256":"048608e8a0f96b8c02d49dc8b96579cb42ccc0027747cccf774fb3c8fc5de3ab","sha512":"aa163f1d9eb0bd634b3e50c7b7daefa9364a3826c4803a359e1e88ba524a6380797385e570adce697ae78a891b050f8f85d966c77573a2af2814a2177e6df7d1","ssdeep":"192:Ndn9N5624xIqiAAxiwusQgFZgIgmgsgogEupgogXgogxgoggpgog+gbyHXewbaes:JNXusoewbaEC","tlshash":"004275208685201eba67d12d34c2639c353de1b3f693be7cab95e970cbdd0a1156fe84","first_seen":"2023-04-11T19:11:07Z","last_seen":"2026-06-27T16:23:40.646892Z","times_seen":60,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":3,"connect":1,"send":0,"wait":126,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/js/bindanchor.js","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.344Z","timestamp":1782577389344,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET /js/bindanchor.js HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nCookie: uc_operation=1782577388\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 15 May 2019 10:33:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5cdbeaec-e3f\"\r\nexpires: Sun, 28 Jun 2026 04:23:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3647,"size_decoded":1764,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"421662109475ab27b6b3588ebdef4e52","sha1":"75b67b28a351cbdf88598f251b8e59779ad34ef8","sha256":"ca66707afac7909904f0668c924ca224700e8adee9a2e8dca88b563187f37c22","sha512":"5392b4dd72a03b60ab3e0a0da60ad532910e9f0124981a40766e7724120406f387048cb3effd50fa45d0da795d425ce68eec0b4a628dcf7d1f6853f55bc5e7af","ssdeep":"","tlshash":"2a7154c4324ec93e679023e247fef11ce86ed0720751a5a8fda79a956ce460d0329b69","first_seen":"2026-06-27T16:23:40.647871Z","last_seen":"2026-06-27T16:23:40.647871Z","times_seen":1,"resource_available":true,"data":null}},"time_used":819,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":819,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/AWSC/AWSC/awsc.js?_t=247580","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:10.198Z","timestamp":1782577390198,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":""},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 25 Mar 2026 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:35:9B:C3:B4:D8:FB:F0:34:45:8B:01:57:DA:05:14:55:73:CD:F9","sha256":"A9:F8:4E:8C:58:1F:17:02:7E:7F:A2:E1:40:E5:2F:83:85:BA:0B:69:1C:A6:4C:D0:47:24:81:D6:20:F3:E3:CE"}}},"request":{"raw":"GET /AWSC/AWSC/awsc.js?_t=247580 HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nserver: Tengine\r\nx-oss-request-id: 6A3FF3852547D439333FFA30\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 559043368802848044\r\nx-oss-storage-class: Standard\r\ncontent-md5: BEllSu1kB6JSbzztZg06rQ==\r\nx-oss-server-time: 2\r\ncontent-encoding: gzip\r\nx-bucket-code: 3\r\nups-target-key: cdn-relay.vipserver\r\nx-protocol: HTTP/1.1\r\neagleeye-traceid: 210386b817825760056156815e0f93\r\nstrict-transport-security: max-age=0\r\ns-brt: 9\r\ns-rt: 10\r\ncontent-length: 3698\r\ncache-control: max-age=5815, s-maxage=3600\r\nexpires: Sat, 27 Jun 2026 18:00:05 GMT\r\ndate: Sat, 27 Jun 2026 16:23:10 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nvary: Accept-Encoding\r\nquic-version: 0x00000001\r\nserved-from: 23.213.134.142\r\nnetwork_info: NO_OSLO_50304\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: FW_IP\r\nfw_ip: 23.214.96.142\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10956,"size_decoded":4601,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10956), with no line terminators","md5":"0449654aed6407a2526f3ced660d3aad","sha1":"672139f00638f9c596ee6db7ac38b5df59deff12","sha256":"454463459ab3819af7cd400a3f14f8c71beba1958b1459f042e7205ea0d9e358","sha512":"c8e6e25be196a5947c4d6211f20a0747b216e58f066713beaf08deb98b5e4eba6cc996021f6063265a082ed183fa6130449da1348d7516928da35f42853e3111","ssdeep":"192:pTat7umFhdVJdHjzCYJKjvR1YJ5JW3S+jHa8C4T9tSQjPKczC:E5JVZcjvR1A5JW3lHQc3Y","tlshash":"5232e7cf3a60715b6b624c72f8bf1148393b2ae7144dd055aa4ce4c066bc37e196bed8","first_seen":"2026-06-08T10:37:17.904993Z","last_seen":"2026-07-01T22:37:02.440298Z","times_seen":156,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"g3user.com/","fqdn":"g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"203.107.45.167","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T16:23:06.550Z","timestamp":1782577386550,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: Tengine\r\nDate: Sat, 27 Jun 2026 16:23:07 GMT\r\nContent-Type: text/html;charset=utf-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nKeep-Alive: timeout=15\r\nBackendServer: Aliyun URL Forwarding Server\r\nLocation: http://www.g3user.com\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T23:08:01.783777Z","times_seen":16894679,"resource_available":true,"data":null}},"time_used":708,"timings":{"blocked":-1,"dns":3,"connect":225,"send":0,"wait":480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"g.alicdn.com/sd/ncpc/nc.js?t=1468897068092","fqdn":"g.alicdn.com","domain":"alicdn.com","tld":"com"},"ip":{"addr":"23.214.96.142","port":443,"asn":35994,"as":"AKAMAI-AS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.301Z","timestamp":1782577389301,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"air.alistatic.com","organization":""},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 25 Mar 2026 00:00:00 GMT","end":"Fri, 09 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:35:9B:C3:B4:D8:FB:F0:34:45:8B:01:57:DA:05:14:55:73:CD:F9","sha256":"A9:F8:4E:8C:58:1F:17:02:7E:7F:A2:E1:40:E5:2F:83:85:BA:0B:69:1C:A6:4C:D0:47:24:81:D6:20:F3:E3:CE"}}},"request":{"raw":"GET /sd/ncpc/nc.js?t=1468897068092 HTTP/1.1\r\nHost: g.alicdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nserver: Tengine\r\nx-oss-request-id: 6A3FF8ED73EA413638FFA0D6\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 1561788439659902122\r\nx-oss-storage-class: Standard\r\ncontent-md5: EZmEYdPXfd6efvcqZeCEKQ==\r\nx-oss-server-time: 1\r\ncontent-encoding: gzip\r\nx-bucket-code: 3\r\nups-target-key: cdn-relay.vipserver\r\nx-protocol: HTTP/1.1\r\neagleeye-traceid: 21039cff17825773896323745e0f69\r\nstrict-transport-security: max-age=0\r\ns-brt: 20\r\ns-rt: 21\r\ncache-control: max-age=3600, s-maxage=3600\r\nexpires: Sat, 27 Jun 2026 17:23:09 GMT\r\ndate: Sat, 27 Jun 2026 16:23:09 GMT\r\nalt-svc: h3=\":443\"; ma=93600,h3-29=\":443\"; ma=93600\r\nvary: Accept-Encoding\r\nquic-version: 0x00000001\r\nserved-from: 23.213.134.142\r\nnetwork_info: NO_OSLO_50304\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: FW_IP\r\nfw_ip: 23.214.96.142\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":221174,"size_decoded":58261,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32041)","md5":"11998461d3d77dde9e7ef72a65e08429","sha1":"3863ac62c17ae5e0de527e1a8eeaea40e07c2531","sha256":"994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a","sha512":"b43185549d78f17805626a4252fcf8a95d9c608d00e5c0384800b6f6a4669b8dbd9770bd4a8111e81f8bebdc94e07900f29f81a8cc11ec59310fb0a57354779e","ssdeep":"6144:82FkFcwdCl/viCF7TWjO9vE6qTYEBJg4EOBFuYyLJi:+dCl/viCF7vE6qvBK4EOBH","tlshash":"52244ad9b382301e06a354acdcff360e71369982a805c978fbb1d4d69b7895b511bf2c","first_seen":"2023-08-15T13:48:39Z","last_seen":"2026-07-01T20:52:37.700254Z","times_seen":59959,"resource_available":true,"data":null}},"time_used":447,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":204,"receive":17,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/js/wslider.js?v=0721","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.340Z","timestamp":1782577389340,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET /js/wslider.js?v=0721 HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nCookie: uc_operation=1782577388\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 15 May 2019 10:33:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5cdbeaee-46a\"\r\nexpires: Sun, 28 Jun 2026 04:23:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1130,"size_decoded":740,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"fa377f1eb364e8b5c2a7927b9079ec04","sha1":"564e157539c985e707bfe83d83126f858a468fe1","sha256":"0ba9625dc8c37aada69c575aa79b29ddad1c8d1deaadcc8830b28cb00259cc12","sha512":"f1205523446cf7eda4ac9bdf550930a4db5a7d43af9ed97a18aa4881220a0be34634a846d0d508c20490aaebd3deee191d9fe6f6497c1bd207696b3231ab7a0d","ssdeep":"","tlshash":"5a21366a75532a68a13223349b7f5c04ddab10270b0397c0bea590e55ff020ca65dffc","first_seen":"2026-06-27T16:23:40.649949Z","last_seen":"2026-06-27T16:23:40.649949Z","times_seen":1,"resource_available":true,"data":null}},"time_used":818,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":818,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fourier.alibaba.com/ts?url=\u0026token=gV4S1NvmVfD4Z-1RpL5VluTSALgFgs7wPBGLsWLy943JppFt388-aY8IvxwnU0u8RoYQsW4PZ25kr70nJOWN7yNuZ2VLhKfl3SCKt2G8BDiaq70nJtWN7NPuZ8GDQcWIJs_x1XgpJ0eKkqHmtXp-9UCbMxDxJveKJsNxnX3KpJ3dGSHDwuTjOgM4N68Shxxh0AN-heLLk0mSd7KeJeUjN0tuwxO2grGSVAP-heLLR5NLzqZ6pgFsoPoUkbXvJbqTFrg8yKQnizPLPDaCdH0LD8z14sLZCpo9AIiMJjtlGstHxwJ4u61fGHxn2jcSQs1XbHm-ijMNGstHx0hmNA5fGh-h.\u0026cna=undefined\u0026ext=1","fqdn":"fourier.alibaba.com","domain":"alibaba.com","tld":"com"},"ip":{"addr":"47.246.167.183","port":443,"asn":45102,"as":"Alibaba US Technology Co., Ltd.","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:10.577Z","timestamp":1782577390577,"http_version":"HTTP/2","security_state":"","security_info":null,"request":{"raw":"GET /ts?url=\u0026token=gV4S1NvmVfD4Z-1RpL5VluTSALgFgs7wPBGLsWLy943JppFt388-aY8IvxwnU0u8RoYQsW4PZ25kr70nJOWN7yNuZ2VLhKfl3SCKt2G8BDiaq70nJtWN7NPuZ8GDQcWIJs_x1XgpJ0eKkqHmtXp-9UCbMxDxJveKJsNxnX3KpJ3dGSHDwuTjOgM4N68Shxxh0AN-heLLk0mSd7KeJeUjN0tuwxO2grGSVAP-heLLR5NLzqZ6pgFsoPoUkbXvJbqTFrg8yKQnizPLPDaCdH0LD8z14sLZCpo9AIiMJjtlGstHxwJ4u61fGHxn2jcSQs1XbHm-ijMNGstHx0hmNA5fGh-h.\u0026cna=undefined\u0026ext=1 HTTP/1.1\r\nHost: fourier.alibaba.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sat, 27 Jun 2026 16:23:11 GMT\r\ncontent-type: image/gif\r\ncontent-length: 0\r\nserver: Tengine/Aserver\r\neagleeye-traceid: 2102e9bb17825773919747034e35df\r\nstrict-transport-security: max-age=31536000\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T23:08:01.783777Z","times_seen":16894679,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/favicon.ico","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:11.857Z","timestamp":1782577391857,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nCookie: uc_operation=1782577388; _uab_collina=178257738978110768744301; tfstk=gSyE64OmQIp1hvb00oDP7k7AwwlKFY7X88gSquqoA20HdpTu_rmJOpsKN5uzSPu3zuIKq44uz4NCftZLvYHllzWfhkElnIFQLYY7jvn5-0ob4tZLvhDllZ6fh_zMvFNnrzAHsf0tmDDotXjZS0ovZe4oEGSZW0DorzDlbl0tqY0urYjajQU4EJvZ2XjL4p77KGnnTqqn7L88Qcce9k0wEL2whXuDFVJkERoL2XBkedXooSUgsWV2xdGSBVoSi8SX9cPu88P0Fg9roSquKXPOQem_tgSWyc4WZ8FerQcHFcufbGrZPyQnuwuy0Qd-scnZlMjHwQhnXcufbGRJwfmtbqshx\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:11 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 3638\r\nlast-modified: Wed, 15 May 2019 10:32:46 GMT\r\netag: \"5cdbeace-e36\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3638,"size_decoded":3910,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 16x16, 32x32","md5":"18ff4c71803ab73bf736c12ec4027a4f","sha1":"a5424ecb9bf38b916f106a649a893c6dd6cdfabc","sha256":"0d1fa263fbf90894f0a3aaa1107df8a019a2494c620f58b264ca2492082ff5f2","sha512":"c7d5b52b31b2c1359c92fb1502c382c10413639a6a9dee06613e3eb5f1a48c11f7b486e774a752d80b36cb0f4c7274d0cef2eac53231f4c52175dd4d3e8eb799","ssdeep":"","tlshash":"a971d6007b02e1f9ea648339989583a84349895f9477d9035ca0ade9fded3cb152f9d0","first_seen":"2026-06-27T16:23:40.650905Z","last_seen":"2026-06-27T16:23:40.650905Z","times_seen":1,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ynuf.aliapp.org/service/um.json","fqdn":"ynuf.aliapp.org","domain":"aliapp.org","tld":"org"},"ip":{"addr":"124.239.14.253","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:13.946Z","timestamp":1782577393946,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.alibabachengdun.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 25 Aug 2025 09:24:02 GMT","end":"Sat, 26 Sep 2026 06:36:06 GMT"},"fingerprint":{"sha1":"83:AC:BD:AD:0B:7A:31:35:75:95:04:FE:D8:F8:D2:86:A6:DB:D5:AD","sha256":"D0:7E:18:88:DE:9B:87:39:AC:67:4B:63:08:74:A5:B2:F3:9A:6F:7C:4C:3C:7E:EE:E4:12:D6:DE:1C:C8:F3:9B"}}},"request":{"raw":"POST /service/um.json HTTP/1.1\r\nHost: ynuf.aliapp.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 545\r\nOrigin: https://www.g3user.com\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 \r\nserver: Tengine\r\ndate: Sat, 27 Jun 2026 16:23:14 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 153\r\nx-application-context: umid-web:cn-prod:7001\r\naccess-control-allow-origin: https://www.g3user.com\r\naccess-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Accept,X-PINGARUNER,CONTENT-TYPE,X-Requested-With\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Spring","description":"","website":"https://spring.io/","common_platform_enumeration":"","icon":"Spring.png","categories":["Web frameworks"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":153,"size_decoded":795,"mime_type":"text/plain; charset=UTF-8","magic":"JSON text data","md5":"2c8d982922a077b624c976e735c7c141","sha1":"b0fc38189a86d0b2f98af21bfa55a32f60ede2fa","sha256":"856b13b78084b4ee5e6f21595a24cd360081ac607a4086f5f9edde1c81ec5fa9","sha512":"6f40cee14070a01bb27df24255d769bd70ad7d057ff6ca517b3d39c5ef3e2ae4f70459fb4d5deebd8d60c0766edcaf5b896e8cce82ba8ab896f6abf4bf6f5137","ssdeep":"","tlshash":"3ac08c20082490d2df25b19d28c426929cc46e98bc28ca822eea1872431e431389e3eb","first_seen":"2026-06-27T16:23:40.651894Z","last_seen":"2026-06-27T16:23:40.651894Z","times_seen":1,"resource_available":false,"data":null}},"time_used":697,"timings":{"blocked":0,"dns":0,"connect":229,"send":0,"wait":233,"receive":0,"ssl":234},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/js/app.js","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.337Z","timestamp":1782577389337,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET /js/app.js HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nCookie: uc_operation=1782577388\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:09 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 0\r\nlast-modified: Tue, 06 Jul 2021 06:08:41 GMT\r\netag: \"60e3f369-0\"\r\nexpires: Sun, 28 Jun 2026 04:23:09 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":347,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T23:08:01.783777Z","times_seen":16894679,"resource_available":true,"data":null}},"time_used":820,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":820,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.g3user.com/images/xin/bodybg.jpg","fqdn":"www.g3user.com","domain":"g3user.com","tld":"com"},"ip":{"addr":"39.105.1.11","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:09.797Z","timestamp":1782577389797,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.g3user.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 06:08:26 GMT","end":"Tue, 14 Jul 2026 06:08:25 GMT"},"fingerprint":{"sha1":"65:8D:06:E7:05:AF:BD:73:F0:F3:FB:10:C5:71:18:57:52:12:E6:70","sha256":"A3:3B:76:C0:1A:09:4B:DB:69:3F:5F:87:2F:3E:D8:E5:B2:6B:6E:54:DB:E3:20:D5:CB:76:BA:EA:E6:C6:54:7F"}}},"request":{"raw":"GET /images/xin/bodybg.jpg HTTP/1.1\r\nHost: www.g3user.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nCookie: uc_operation=1782577388; _uab_collina=178257738978110768744301\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:10 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 283068\r\nlast-modified: Tue, 15 Jun 2021 09:18:38 GMT\r\netag: \"60c8706e-451bc\"\r\nexpires: Mon, 27 Jul 2026 16:23:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":283068,"size_decoded":283414,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3","md5":"dd1a39f9fbc9c1042c4768104fce82f1","sha1":"d0f1e4539a1876aa6421af5c3f8b4af2229fa2dc","sha256":"4e417780f3d0f672ed4e1841767498d6a4f54ab410a56c03e854eac2fd268ba5","sha512":"9e67958b92fbe99080faa93cfa03f95d42d7fde5aa9e13b35e4589d5bcdccd65162364240254f7004aeb84e2b485c6e0fa34172d5ffb4585c225a9adef53a76d","ssdeep":"6144:52jbXGmh7Jt0d5koP7EpKh7CDk4GRL1u7x5r/PNafylRgfh0U/8cuXw/ek:52j6mp3I5koPPh7z4Aut5b4fyo0UhuAx","tlshash":"e75423fb773016b386080136a5abd8bb91b6e7bd9f9085d8825dad3737113c2c98b507","first_seen":"2026-06-27T16:23:40.652832Z","last_seen":"2026-06-27T16:23:40.652832Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1217,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":785,"receive":432,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"www.g3user.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cf.aliyun.com/nocaptcha/initialize.jsonp?a=4S3P\u0026t=4S3P%3A1782577390189%3A0.515384956288162\u0026scene=login\u0026lang=cn\u0026v=v1.2.21\u0026href=https%3A%2F%2Fwww.g3user.com%2F\u0026comm={}\u0026callback=initializeJsonp_09653138410174106","fqdn":"cf.aliyun.com","domain":"aliyun.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:10.196Z","timestamp":1782577390196,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /nocaptcha/initialize.jsonp?a=4S3P\u0026t=4S3P%3A1782577390189%3A0.515384956288162\u0026scene=login\u0026lang=cn\u0026v=v1.2.21\u0026href=https%3A%2F%2Fwww.g3user.com%2F\u0026comm={}\u0026callback=initializeJsonp_09653138410174106 HTTP/1.1\r\nHost: cf.aliyun.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T23:08:01.783777Z","times_seen":16894679,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gm.mmstat.com/fsp.1.1?code=13\u0026msg=init%20monitor%3B\u0026pid=sufeiPunish\u0026page=https%3A%2F%2Fwww.g3user.com%2F\u0026query=\u0026hash=\u0026referrer=\u0026title=G3%E4%BA%91%E5%B9%B3%E5%8F%B0%20-%20%E4%BC%9A%E5%91%98%E7%99%BB%E5%BD%95def\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026c1=4S3P%3A1782577390189%3A0.515384956288162\u0026c2=4S3P","fqdn":"gm.mmstat.com","domain":"mmstat.com","tld":"com"},"ip":{"addr":"140.205.151.7","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:10.203Z","timestamp":1782577390203,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.mmstat.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 19 Aug 2025 02:56:06 GMT","end":"Sun, 20 Sep 2026 02:56:05 GMT"},"fingerprint":{"sha1":"7C:13:25:46:2F:64:13:1E:A7:7B:50:51:78:5D:DD:1B:46:AD:92:45","sha256":"CC:8B:73:1A:27:B7:01:E3:65:42:24:D4:35:CF:4D:91:4C:3F:CA:BD:33:A1:DD:93:93:39:CA:45:DB:3A:02:A7"}}},"request":{"raw":"GET /fsp.1.1?code=13\u0026msg=init%20monitor%3B\u0026pid=sufeiPunish\u0026page=https%3A%2F%2Fwww.g3user.com%2F\u0026query=\u0026hash=\u0026referrer=\u0026title=G3%E4%BA%91%E5%B9%B3%E5%8F%B0%20-%20%E4%BC%9A%E5%91%98%E7%99%BB%E5%BD%95def\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026c1=4S3P%3A1782577390189%3A0.515384956288162\u0026c2=4S3P HTTP/1.1\r\nHost: gm.mmstat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:12 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\np3p: CP=\"NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV\"\r\ncross-origin-resource-policy: cross-origin\r\nset-cookie: sca=dad8130c; path=/; domain=.mmstat.com\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":424,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-07-01T23:05:48.842912Z","times_seen":370535,"resource_available":true,"data":null}},"time_used":2436,"timings":{"blocked":-1,"dns":3,"connect":201,"send":0,"wait":189,"receive":0,"ssl":2043},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gm.mmstat.com/fsp.1.1?code=13\u0026msg=%3Dnc_1_nocaptcha%3Dnc_1_wrapperclass%3Dnc_wrapper%3Dnc_1__n1t_loangclass%3Dnc_scale%3Dnc_1__bgclass%3Dnc_bgstyle%3Dwth%3A0%3B%3Dnc_1__scale_text_loangclass%3Dscale_textspanclass%3Dnc-lang-cntata-nc-lang%3D_Loangb%E5%8A%A0%E8%BD%BD%E4%B8%ADbspan%3Dnc-loang-crcleclass%3Dnc-loang-crcleclass%3Dsk-crcle1sk-crcleclass%3Dsk-crcle2sk-crcleclass%3Dsk-crcle3sk-crcleclass%3Dsk-crcle4sk-crcleclass%3Dsk-crcle5sk-crcleclass%3Dsk-crcle6sk-crcleclass%3Dsk-crcle7sk-crcleclass%3Dsk-crcle8sk-crcleclass%3Dsk-crcle9sk-crcleclass%3Dsk-crcle10sk-crcleclass%3Dsk-crcle11sk-crcleclass%3Dsk-crcle12sk-crcle%3B\u0026pid=sufeiPunish\u0026page=https%3A%2F%2Fwww.g3user.com%2F\u0026query=\u0026hash=\u0026referrer=\u0026title=G3%E4%BA%91%E5%B9%B3%E5%8F%B0%20-%20%E4%BC%9A%E5%91%98%E7%99%BB%E5%BD%95def\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026c1=4S3P%3A1782577390189%3A0.515384956288162\u0026c2=4S3P","fqdn":"gm.mmstat.com","domain":"mmstat.com","tld":"com"},"ip":{"addr":"140.205.151.7","port":443,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.g3user.com/","date":"2026-06-27T16:23:10.205Z","timestamp":1782577390205,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.mmstat.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 OV TLS CA 2024","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 19 Aug 2025 02:56:06 GMT","end":"Sun, 20 Sep 2026 02:56:05 GMT"},"fingerprint":{"sha1":"7C:13:25:46:2F:64:13:1E:A7:7B:50:51:78:5D:DD:1B:46:AD:92:45","sha256":"CC:8B:73:1A:27:B7:01:E3:65:42:24:D4:35:CF:4D:91:4C:3F:CA:BD:33:A1:DD:93:93:39:CA:45:DB:3A:02:A7"}}},"request":{"raw":"GET /fsp.1.1?code=13\u0026msg=%3Dnc_1_nocaptcha%3Dnc_1_wrapperclass%3Dnc_wrapper%3Dnc_1__n1t_loangclass%3Dnc_scale%3Dnc_1__bgclass%3Dnc_bgstyle%3Dwth%3A0%3B%3Dnc_1__scale_text_loangclass%3Dscale_textspanclass%3Dnc-lang-cntata-nc-lang%3D_Loangb%E5%8A%A0%E8%BD%BD%E4%B8%ADbspan%3Dnc-loang-crcleclass%3Dnc-loang-crcleclass%3Dsk-crcle1sk-crcleclass%3Dsk-crcle2sk-crcleclass%3Dsk-crcle3sk-crcleclass%3Dsk-crcle4sk-crcleclass%3Dsk-crcle5sk-crcleclass%3Dsk-crcle6sk-crcleclass%3Dsk-crcle7sk-crcleclass%3Dsk-crcle8sk-crcleclass%3Dsk-crcle9sk-crcleclass%3Dsk-crcle10sk-crcleclass%3Dsk-crcle11sk-crcleclass%3Dsk-crcle12sk-crcle%3B\u0026pid=sufeiPunish\u0026page=https%3A%2F%2Fwww.g3user.com%2F\u0026query=\u0026hash=\u0026referrer=\u0026title=G3%E4%BA%91%E5%B9%B3%E5%8F%B0%20-%20%E4%BC%9A%E5%91%98%E7%99%BB%E5%BD%95def\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026c1=4S3P%3A1782577390189%3A0.515384956288162\u0026c2=4S3P HTTP/1.1\r\nHost: gm.mmstat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://www.g3user.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 16:23:11 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\np3p: CP=\"NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV\"\r\ncross-origin-resource-policy: cross-origin\r\nset-cookie: sca=060c90db; path=/; domain=.mmstat.com\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\npragma: no-cache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":424,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-07-01T23:05:48.842912Z","times_seen":370535,"resource_available":true,"data":null}},"time_used":1230,"timings":{"blocked":0,"dns":1,"connect":466,"send":0,"wait":190,"receive":0,"ssl":573},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
