{"report_id":"61e53e67-a68f-407b-b12c-e26d547ea2b4","version":6,"status":"done","tags":[],"date":"2025-11-12T07:52:36Z","url":{"schema":"http","addr":"zgungames.com/","fqdn":"zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"title":"9001jcc金沙以诚为本(中国)有限公司-WeiXin百科","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"zgungames.com/","fqdn":"zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-17T07:52:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":20,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.474321+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/ssico.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":708},\"files\":[{\"filename\":\"/Skins/329529/images/ssico.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":708,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":666,\"bytes_toclient\":3214,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.476967+0000\",\"flow_id\":12520847941992,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41596,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/logo.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":665,\"bytes_toclient\":2516,\"start\":\"2025-11-12T07:52:17.893288+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41588,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.500631+0000\",\"flow_id\":1993441369234031,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41588,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/hengf.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":666,\"bytes_toclient\":2508,\"start\":\"2025-11-12T07:52:17.891503+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41564,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.554907+0000\",\"flow_id\":1538095378960021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41564,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/indbkbg.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2168},\"files\":[{\"filename\":\"/Skins/329529/images/indbkbg.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2168,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":6,\"bytes_toserver\":722,\"bytes_toclient\":4166,\"start\":\"2025-11-12T07:52:17.888469+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41636,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.724233+0000\",\"flow_id\":974621439570920,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41636,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/arrows1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":614,\"bytes_toclient\":2339,\"start\":\"2025-11-12T07:52:18.144360+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41604,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.790065+0000\",\"flow_id\":593105937114079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41604,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/kefu.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":611,\"bytes_toclient\":2443,\"start\":\"2025-11-12T07:52:18.140255+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.815013+0000\",\"flow_id\":12520847941992,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41596,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/flbtbg2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/flbtbg2.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":22,\"bytes_toserver\":1853,\"bytes_toclient\":24355,\"start\":\"2025-11-12T07:52:17.893288+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.857377+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/flbtbg1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2167},\"files\":[{\"filename\":\"/Skins/329529/images/flbtbg1.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2167,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":1314,\"bytes_toclient\":8335,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41620,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.870650+0000\",\"flow_id\":1885861028441595,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41620,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/mulu2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":612,\"bytes_toclient\":2440,\"start\":\"2025-11-12T07:52:18.142843+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41564,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.891611+0000\",\"flow_id\":1538095378960021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41564,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/kefu-tb.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/kefu-tb.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":12,\"bytes_toserver\":1328,\"bytes_toclient\":11084,\"start\":\"2025-11-12T07:52:17.888469+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41610,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.061764+0000\",\"flow_id\":1434011141548065,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41610,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/mulu0.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1915},\"files\":[{\"filename\":\"/Skins/329529/images/mulu0.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":1915,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1162,\"bytes_toclient\":3004,\"start\":\"2025-11-12T07:52:18.141345+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41610,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.093114+0000\",\"flow_id\":1434011141548065,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41610,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/zxbtn.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2169},\"files\":[{\"filename\":\"/Skins/329529/images/zxbtn.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2169,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":9,\"bytes_toserver\":1282,\"bytes_toclient\":7546,\"start\":\"2025-11-12T07:52:18.141345+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.168265+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/morejt2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/morejt2.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":18,\"bytes_toserver\":2070,\"bytes_toclient\":17326,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.180994+0000\",\"flow_id\":12520847941992,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41596,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/indnew_bg.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/indnew_bg.jpg\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":24,\"pkts_toclient\":29,\"bytes_toserver\":2449,\"bytes_toclient\":32003,\"start\":\"2025-11-12T07:52:17.893288+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41564,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.251329+0000\",\"flow_id\":1538095378960021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41564,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/footli1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/footli1.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":19,\"pkts_toclient\":28,\"bytes_toserver\":2192,\"bytes_toclient\":31134,\"start\":\"2025-11-12T07:52:17.888469+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41604,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.337150+0000\",\"flow_id\":593105937114079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41604,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/morejt.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2464},\"files\":[{\"filename\":\"/Skins/329529/images/morejt.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2464,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":18,\"pkts_toclient\":19,\"bytes_toserver\":2122,\"bytes_toclient\":19616,\"start\":\"2025-11-12T07:52:18.140255+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:29Z","timestamp":1762933949,"ip_dst":{"addr":"172.18.0.2","port":41620,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:29.492663+0000\",\"flow_id\":1885861028441595,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41620,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/artico.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2706},\"files\":[{\"filename\":\"/Skins/329529/images/artico.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2706,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":1313,\"bytes_toclient\":6650,\"start\":\"2025-11-12T07:52:18.142843+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:29Z","timestamp":1762933949,"ip_dst":{"addr":"172.18.0.2","port":41604,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:29.611082+0000\",\"flow_id\":593105937114079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41604,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/footli2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2021},\"files\":[{\"filename\":\"/Skins/329529/images/footli2.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2021,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":22,\"bytes_toserver\":2230,\"bytes_toclient\":22551,\"start\":\"2025-11-12T07:52:18.140255+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:29Z","timestamp":1762933949,"ip_dst":{"addr":"172.18.0.2","port":41610,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:29.654151+0000\",\"flow_id\":1434011141548065,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41610,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/footli3.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2636},\"files\":[{\"filename\":\"/Skins/329529/images/footli3.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2636,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":15,\"bytes_toserver\":1876,\"bytes_toclient\":13817,\"start\":\"2025-11-12T07:52:18.141345+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:30Z","timestamp":1762933950,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:30.827511+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/arrows2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1362},\"files\":[{\"filename\":\"/Skins/329529/images/arrows2.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":1362,\"tx_id\":3}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":21,\"pkts_toclient\":22,\"bytes_toserver\":2664,\"bytes_toclient\":19664,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"89tongji.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"img49.chem17.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2018-01-22T02:37:37Z","last_seen":"2025-11-09T09:20:57.318107Z","alert_count":0,"request_count":6,"received_data":1193,"sent_data":2994,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img70.chem17.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2003-03-17","domain_rank":6942770,"first_seen":"2019-03-07T05:18:01Z","last_seen":"2025-11-12T07:50:32.594084Z","alert_count":0,"request_count":6,"received_data":1215,"sent_data":2994,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img77.chem17.com","ip":{"addr":"218.12.77.90","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2022-06-02T00:43:33Z","last_seen":"2025-11-12T07:50:32.359024Z","alert_count":0,"request_count":2,"received_data":410,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.zgungames.com","ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2025-10-10","domain_rank":0,"first_seen":"2025-11-12T07:50:31.699478Z","last_seen":"2025-11-12T07:50:31.699478Z","alert_count":31,"request_count":31,"received_data":457420,"sent_data":12236,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}]},{"fqdn":"img54.chem17.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2013-11-27T18:29:56Z","last_seen":"2025-11-12T07:50:31.998742Z","alert_count":0,"request_count":6,"received_data":1230,"sent_data":2994,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img53.chem17.com","ip":{"addr":"221.229.162.62","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2013-11-27T18:29:54Z","last_seen":"2025-11-07T08:02:26.22657Z","alert_count":0,"request_count":2,"received_data":402,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"chat.chem17.com","ip":{"addr":"180.163.146.116","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2014-05-27T23:58:43Z","last_seen":"2025-11-08T03:25:48.187122Z","alert_count":0,"request_count":2,"received_data":1795,"sent_data":854,"comment":"","tags":null,"fingerprints":[{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"img68.chem17.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2003-03-17","domain_rank":6356914,"first_seen":"2019-03-18T06:58:55Z","last_seen":"2025-11-07T08:02:26.164912Z","alert_count":0,"request_count":2,"received_data":409,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img79.chem17.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2022-06-28T01:25:30Z","last_seen":"2025-11-12T07:50:31.719883Z","alert_count":0,"request_count":2,"received_data":400,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img50.chem17.com","ip":{"addr":"218.12.77.90","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2018-01-04T13:20:18Z","last_seen":"2025-11-08T03:25:48.188618Z","alert_count":0,"request_count":4,"received_data":820,"sent_data":1996,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"img55.chem17.com","ip":{"addr":"218.12.77.90","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2013-10-02T03:25:02Z","last_seen":"2025-11-07T08:02:26.300672Z","alert_count":0,"request_count":2,"received_data":411,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fcl.xueyuxingfeng.com","ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2021-06-17","domain_rank":0,"first_seen":"2021-06-17T13:30:21Z","last_seen":"2025-11-12T07:50:32.175952Z","alert_count":0,"request_count":1,"received_data":3644,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"89tongji.com","ip":{"addr":"94.156.119.89","port":80,"asn":211895,"as":"Serverius Holding B.V.","country":"Bulgaria","country_code":"BG"},"domain_registered":"2023-08-03","domain_rank":3345724,"first_seen":"2023-08-03T16:00:12Z","last_seen":"2025-11-06T15:16:18.215232Z","alert_count":3,"request_count":3,"received_data":69527,"sent_data":1579,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"tp.xinxiyidiantong.com","ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2019-08-03","domain_rank":0,"first_seen":"2022-06-30T09:41:39Z","last_seen":"2025-11-09T08:18:39.375187Z","alert_count":0,"request_count":8,"received_data":1586971,"sent_data":3880,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.share.baidu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1999-10-11","domain_rank":1421601,"first_seen":"2013-04-25T14:45:11Z","last_seen":"2025-11-11T09:50:13.036826Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":383,"comment":"","tags":null,"fingerprints":null},{"fqdn":"public.mtnets.com","ip":{"addr":"218.11.0.74","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2007-05-21","domain_rank":0,"first_seen":"2019-01-29T13:10:34Z","last_seen":"2025-11-12T07:50:31.697144Z","alert_count":0,"request_count":6,"received_data":409365,"sent_data":2376,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img73.chem17.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2020-07-23T08:16:54Z","last_seen":"2025-11-12T07:50:31.744647Z","alert_count":0,"request_count":2,"received_data":410,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"push.zhanzhang.baidu.com","ip":{"addr":"182.61.201.93","port":80,"asn":38365,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":1485849,"first_seen":"2015-07-22T05:44:02Z","last_seen":"2025-11-12T04:52:06.491049Z","alert_count":0,"request_count":1,"received_data":426,"sent_data":340,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img59.chem17.com","ip":{"addr":"221.229.162.62","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2013-05-25T14:24:16Z","last_seen":"2025-11-08T06:41:23.670329Z","alert_count":0,"request_count":2,"received_data":402,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pinganfafa.com","ip":{"addr":"143.92.57.25","port":25858,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2024-12-12","domain_rank":6845800,"first_seen":"2024-12-18T10:35:17.798759Z","last_seen":"2025-11-12T07:50:32.758539Z","alert_count":0,"request_count":1,"received_data":2942,"sent_data":786,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"zgungames.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":193,"sent_data":880,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img67.chem17.com","ip":{"addr":"120.39.165.50","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":7233659,"first_seen":"2015-04-19T02:41:56Z","last_seen":"2025-11-08T06:41:23.630465Z","alert_count":0,"request_count":2,"received_data":398,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"img75.chem17.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2020-07-02T02:38:34Z","last_seen":"2025-11-12T07:50:31.131218Z","alert_count":0,"request_count":2,"received_data":404,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2025-11-10T01:50:48.049957Z","alert_count":0,"request_count":2,"received_data":729,"sent_data":792,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img72.chem17.com","ip":{"addr":"218.60.101.80","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2020-07-23T08:16:54Z","last_seen":"2025-11-12T07:50:32.748162Z","alert_count":0,"request_count":2,"received_data":403,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"img76.chem17.com","ip":{"addr":"218.11.1.241","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2021-08-20T07:23:10Z","last_seen":"2025-11-12T07:50:31.771712Z","alert_count":0,"request_count":8,"received_data":1640,"sent_data":3992,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"img48.chem17.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2018-01-22T02:37:37Z","last_seen":"2025-11-12T07:50:31.197308Z","alert_count":0,"request_count":2,"received_data":410,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img78.chem17.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2003-03-17","domain_rank":0,"first_seen":"2022-06-02T00:43:33Z","last_seen":"2025-11-08T06:41:23.126334Z","alert_count":0,"request_count":4,"received_data":807,"sent_data":1996,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.dgtjauto.com","ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"domain_registered":"2017-12-14","domain_rank":0,"first_seen":"2025-11-12T07:50:31.745591Z","last_seen":"2025-11-12T07:50:31.745591Z","alert_count":20,"request_count":24,"received_data":248435,"sent_data":9037,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]},{"fqdn":"www.chem17.com","ip":{"addr":"180.163.146.112","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"domain_registered":"2003-03-17","domain_rank":3165666,"first_seen":"2013-06-12T07:47:44Z","last_seen":"2025-11-08T03:25:48.730502Z","alert_count":0,"request_count":1,"received_data":1406,"sent_data":664,"comment":"","tags":null,"fingerprints":[{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.474321+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/ssico.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":708},\"files\":[{\"filename\":\"/Skins/329529/images/ssico.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":708,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":666,\"bytes_toclient\":3214,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.476967+0000\",\"flow_id\":12520847941992,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41596,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/logo.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":665,\"bytes_toclient\":2516,\"start\":\"2025-11-12T07:52:17.893288+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41588,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.500631+0000\",\"flow_id\":1993441369234031,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41588,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/hengf.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":666,\"bytes_toclient\":2508,\"start\":\"2025-11-12T07:52:17.891503+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41564,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.554907+0000\",\"flow_id\":1538095378960021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41564,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/indbkbg.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2168},\"files\":[{\"filename\":\"/Skins/329529/images/indbkbg.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2168,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":6,\"bytes_toserver\":722,\"bytes_toclient\":4166,\"start\":\"2025-11-12T07:52:17.888469+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41636,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.724233+0000\",\"flow_id\":974621439570920,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41636,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/arrows1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":614,\"bytes_toclient\":2339,\"start\":\"2025-11-12T07:52:18.144360+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41604,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.790065+0000\",\"flow_id\":593105937114079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41604,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/kefu.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":611,\"bytes_toclient\":2443,\"start\":\"2025-11-12T07:52:18.140255+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.815013+0000\",\"flow_id\":12520847941992,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41596,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/flbtbg2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/flbtbg2.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":22,\"bytes_toserver\":1853,\"bytes_toclient\":24355,\"start\":\"2025-11-12T07:52:17.893288+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.857377+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/flbtbg1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2167},\"files\":[{\"filename\":\"/Skins/329529/images/flbtbg1.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2167,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":1314,\"bytes_toclient\":8335,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41620,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.870650+0000\",\"flow_id\":1885861028441595,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41620,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/mulu2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":612,\"bytes_toclient\":2440,\"start\":\"2025-11-12T07:52:18.142843+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41564,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.891611+0000\",\"flow_id\":1538095378960021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41564,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/kefu-tb.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/kefu-tb.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":12,\"bytes_toserver\":1328,\"bytes_toclient\":11084,\"start\":\"2025-11-12T07:52:17.888469+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41610,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.061764+0000\",\"flow_id\":1434011141548065,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41610,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/mulu0.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1915},\"files\":[{\"filename\":\"/Skins/329529/images/mulu0.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":1915,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1162,\"bytes_toclient\":3004,\"start\":\"2025-11-12T07:52:18.141345+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41610,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.093114+0000\",\"flow_id\":1434011141548065,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41610,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/zxbtn.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2169},\"files\":[{\"filename\":\"/Skins/329529/images/zxbtn.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2169,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":9,\"bytes_toserver\":1282,\"bytes_toclient\":7546,\"start\":\"2025-11-12T07:52:18.141345+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.168265+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/morejt2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/morejt2.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":18,\"bytes_toserver\":2070,\"bytes_toclient\":17326,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.180994+0000\",\"flow_id\":12520847941992,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41596,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/indnew_bg.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/indnew_bg.jpg\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":24,\"pkts_toclient\":29,\"bytes_toserver\":2449,\"bytes_toclient\":32003,\"start\":\"2025-11-12T07:52:17.893288+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41564,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.251329+0000\",\"flow_id\":1538095378960021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41564,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/footli1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/footli1.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":19,\"pkts_toclient\":28,\"bytes_toserver\":2192,\"bytes_toclient\":31134,\"start\":\"2025-11-12T07:52:17.888469+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41604,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.337150+0000\",\"flow_id\":593105937114079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41604,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/morejt.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2464},\"files\":[{\"filename\":\"/Skins/329529/images/morejt.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2464,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":18,\"pkts_toclient\":19,\"bytes_toserver\":2122,\"bytes_toclient\":19616,\"start\":\"2025-11-12T07:52:18.140255+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:29Z","timestamp":1762933949,"ip_dst":{"addr":"172.18.0.2","port":41620,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:29.492663+0000\",\"flow_id\":1885861028441595,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41620,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/artico.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2706},\"files\":[{\"filename\":\"/Skins/329529/images/artico.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2706,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":1313,\"bytes_toclient\":6650,\"start\":\"2025-11-12T07:52:18.142843+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:29Z","timestamp":1762933949,"ip_dst":{"addr":"172.18.0.2","port":41604,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:29.611082+0000\",\"flow_id\":593105937114079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41604,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/footli2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2021},\"files\":[{\"filename\":\"/Skins/329529/images/footli2.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2021,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":22,\"bytes_toserver\":2230,\"bytes_toclient\":22551,\"start\":\"2025-11-12T07:52:18.140255+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:29Z","timestamp":1762933949,"ip_dst":{"addr":"172.18.0.2","port":41610,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:29.654151+0000\",\"flow_id\":1434011141548065,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41610,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/footli3.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2636},\"files\":[{\"filename\":\"/Skins/329529/images/footli3.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2636,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":15,\"bytes_toserver\":1876,\"bytes_toclient\":13817,\"start\":\"2025-11-12T07:52:18.141345+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:30Z","timestamp":1762933950,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:30.827511+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/arrows2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1362},\"files\":[{\"filename\":\"/Skins/329529/images/arrows2.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":1362,\"tx_id\":3}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":21,\"pkts_toclient\":22,\"bytes_toserver\":2664,\"bytes_toclient\":19664,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.chem17.com/asyncstat.aspx?u=dgycgy2016\u0026referer=\u0026title=9001jcc%u91D1%u6C99%u4EE5%u8BDA%u4E3A%u672C%28%u4E2D%u56FD%29%u6709%u9650%u516C%u53F8-WeiXin%u767E%u79D1","fqdn":"www.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.112","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"70c9a44000074ae451650bd308e9071d","sha1":"75540a5c55cb04f1ffb2da5ce86e5e7c873e5cf8","sha256":"c5c61ee486b433dae3a2088bf43dca6cca16e80e94de8444b7625bfeebddbc29","sha512":"a5969d0de0dfa83a97bfbfd4dc90b1b1e55f876a839c88d086cdad6476921139fd85824fbacf3f0da771ecf5897e8a1445b60f18aab54f9171577488ded33021","ssdeep":"","tlshash":"3cf059624805e7fe9501b9a9ee61e344c14b0f6f7161d672a127428122214b7b0ac9e7","size":507,"data":"","first_seen":"2025-11-12T07:51:19.559841Z","last_seen":"2025-11-12T07:52:48.733395Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"public.mtnets.com/public/js/jqueryNew.min.js","fqdn":"public.mtnets.com","domain":"mtnets.com","tld":"com"},"ip":{"addr":"218.11.0.74","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-05T07:43:24.080116Z","times_seen":445213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"719aab4354407db47a24abe50315f90a","sha1":"85598428ff41adae3ff0a822f560d34d8afe679a","sha256":"675b8230e3581896afaca61d9c8349f391e29a48aacede78917534c9e19fdd7b","sha512":"ca61856a56588f43d9fea2a005d93e36895fac43bf7cb2eee19cb110050eedb916d02593245aee40cabb07da89473e6077d3415dce7f64feb64ee375ac8af06f","ssdeep":"","tlshash":"7ff097af9c42a1685ad625a8dbafe688c06e4425500ac813bcdac4ce2e38fc8042138c","size":492,"data":"","first_seen":"2025-03-23T02:04:52.629451Z","last_seen":"2026-03-11T16:30:43.311886Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/js/JSChat.js","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c585663f5b83e34d09092e44326b9377","sha1":"498b43fec7eb7cb801257cc121f97c12be542abc","sha256":"97da6e4048ee96ed0c9d00a4f87b00c26adb4af9af53df68e5d8b6669f4bb690","sha512":"5e9a059d9ff3f80b3aa58f6411925c2744e579450f08885deaf41bbdfcb95af3254195a4fde2454047d63838ec6a4eb5cd4d3b213bf1d94df9d5d30ba86f44e9","ssdeep":"","tlshash":"7731dfb28913d31609194e63c716174ca267915b9103e9623d3d7e643f88d2bb3997f0","size":1622,"data":"","first_seen":"2024-01-31T06:36:47Z","last_seen":"2026-04-05T04:58:55.073774Z","times_seen":497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"cbfa47b5e5fc32faadd673ad8f45c9fa","sha1":"1e5ba7852d9a411a97ac5f3b46731d4dd1279a04","sha256":"a8284b9754f4a41d0a97474d4485a1170827897e3919e665517c07b3d6acad22","sha512":"86825db1952e0020c8cb35f88978467cebda0229a48d79089eaf5ccef933997879067cc5c704e28c4263f4e1fcbbb81c7e306c2ab84aedcd4386f23dc64ff14f","ssdeep":"","tlshash":"788000228e0200a028230800222c8002208008230020c220380eb80c2f000000a8a8c0","size":28,"data":"","first_seen":"2023-11-01T20:49:01Z","last_seen":"2026-04-04T22:37:14.111737Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"72ee4c570525fe16d24280d6d128ef94","sha1":"d4b9a70f4dd210ca3101470680f32d83486d91e5","sha256":"369ac1f855f55db72de4513797d359fe4e64b81f3446c6a2bfa2509b098f0d57","sha512":"1d7b745ad43e5752e3d944f1f45e32881766c323cb974d5fc282b11595720b1c5e56ddee7afadea1f8fe43f83bd0e5ec7beb4248a50023a71a38dd51e9e4942b","ssdeep":"","tlshash":"72a0123f31a0730110011003f552080f15b35034c04180bcea6455c40438c5043c0d44","size":82,"data":"","first_seen":"2025-11-12T07:51:19.55554Z","last_seen":"2025-11-12T07:52:48.736686Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.zhanzhang.baidu.com/push.js","fqdn":"push.zhanzhang.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"182.61.201.93","port":80,"asn":38365,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bb5a3267c9865ad4abe8d937734b62b","sha1":"b5478dd2edb3e64242eced1db2dbd945ef81f592","sha256":"674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2","sha512":"33318ed944a49a8fa334983408d68853b1fbe4f80b19adef6235f23d7708b616cd4f8dd28c8b8ebfbb5776aab8088229f3060cd789af34fe1db5038a98bd0d39","ssdeep":"","tlshash":"91d02be874a0c41c0ce710b17fab328cfab20b2755244d40c05b90013614b1f824bfe9","size":281,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-05T07:15:15.461149Z","times_seen":20923,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1f1c35eb69d43d3834d3ab304569d9fa","sha1":"226d96dc876d024617bab3b91736730657eed769","sha256":"7812f54e0ab854fcd2b8af5450d1cfd9ecefe48001448500e7c17ad49019d37c","sha512":"f5302709d42fab6177f9167cea6a17b949598d5a5c1b1cc12a71061224260d734a7b3d940f067d409ff481427bf470edc74002d61264f8e3087d1466ee3be5f5","ssdeep":"","tlshash":"16f0d4ae6c41a9545bc3349c97dfd74cd15f00381009c417a5d9c8cd3d38fc5082174c","size":492,"data":"","first_seen":"2024-12-04T02:32:47.469422Z","last_seen":"2026-03-29T20:57:38.564207Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a2440f9d70ca83f250c83fa920016c4a","sha1":"eaba83be66877166cb9e0add18b0b7302347fbb3","sha256":"d359978c61af65441c1d1553d7afdb0d8c152a6e38f23cb43ccc05993784507a","sha512":"0e5df28278b13f3e292ee696b6c1117a876d25c88f0e7446b497d3ad8d497dad46e4bfe00b666b61c7ce5c49185e3665752824e46c7a756eb9267a82923a76c2","ssdeep":"","tlshash":"31f00e21059f2efd622a62bb6dfccd2e73ab241ea0b0c040be50e42476b198186482c8","size":492,"data":"","first_seen":"2025-10-21T20:00:17.715896Z","last_seen":"2025-12-17T05:03:09.333354Z","times_seen":263,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-05T07:45:35.102707Z","times_seen":81715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/jquery.min.js","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a75ada17c3011458d74a0e4c5cc17ffa","sha1":"8e57d597b1caeb46af5a4578034187eda8bf8b26","sha256":"8056951f7605e0cc00e96769abe87124de09d74273e83efb7992dddc056390ce","sha512":"b56551f614e99478ac6a0e273fe4bb4b796c29e118732b903d11ec3dfc8368f0872386a3970dad897a0b5dceb21adb5557827c6dad66a642480a1f52c45fef4e","ssdeep":"","tlshash":"d30181d8c7c4d89baecc5e43ea24deca25b3813b97d832838318fe8c01ad157c89c049","size":718,"data":"","first_seen":"2023-03-07T12:26:46Z","last_seen":"2026-04-02T16:01:36.350899Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/067/ade/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa19716607c7d8137d9cfbe623dba7cb","sha1":"e46242940c345610d692c2b1ce8fe9c1152aa46c","sha256":"cc9193fc7e8e2722b308b5de9881b0442e21363e33b296824381d574816bae16","sha512":"391ff0cdc99fdcfb81af8a0a72425b9e178309d74d5ec96642dbfc1fdd98be8529260af73ac6896dd45266adde8cfcfa96083e4c94a10ef1a3e593de0915d60b","ssdeep":"","tlshash":"4b611f54ef8d20338e133155ae6f958c24be68577d48eca7f84c64d44fa0d38852beac","size":3363,"data":"","first_seen":"2024-12-18T10:35:23.532443Z","last_seen":"2026-04-04T22:13:19.170087Z","times_seen":212,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.chem17.com/chat/KFLeftBox/329529","fqdn":"chat.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.116","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b936460ba988b30cd79d99ae93c77106","sha1":"a44405ff5b67abf66ef77714e4364e6c3f1e9940","sha256":"6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9","sha512":"ad4731faf916fbb7118af38e25fa7e15814294950676fbd4ec41aeba5c7508ed34b7a7a4c98e1834e1096ea92e6301935699ed6df01a7416632e39063c0c9661","ssdeep":"","tlshash":"3990023209b10052711510915943e1456595959129de9915a00004a572529539a06d51","size":49,"data":"","first_seen":"2023-03-07T12:42:46Z","last_seen":"2026-04-05T04:58:55.066133Z","times_seen":582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"public.mtnets.com/public/js/swiper.min.js","fqdn":"public.mtnets.com","domain":"mtnets.com","tld":"com"},"ip":{"addr":"218.11.0.74","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"75cc62321aac40e60cd42f4c5f6e22f1","sha1":"b1340194dc7dc3b81a650f85ab73052a3c18e671","sha256":"fd00f2f93eac8a4c8d786bc02e59cdce2cb6eafef6b8d7ec7ed1d0c6e9f8cb2a","sha512":"9c8dfade81f1309f78badfb276a73ea5527198df7d9193f9c298fd55e55bcd4cfcd61a02c1ea8a8b26e1a008a9d4129b012e947b0e187f7d5ef326eaa0f176f6","ssdeep":"1536:UyOkN3TklR3ZIFDG+Y7n2L5ydUTv0tSQfCBTa:hT673uTv0","tlshash":"3f93d66db314f2e295d3214a675ac64122f21706b849dae870b54c4a68bcc5d03bffbd","size":96151,"data":"","first_seen":"2024-07-28T19:52:58Z","last_seen":"2026-04-04T22:22:39.453746Z","times_seen":195,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"210d4f43b382acfb75f0f93b9c50ecbe","sha1":"59b36abd16d11e7df6631e0414001d2a71727bc9","sha256":"0dcc1d68298b80b8746eb95f3e454d036988415a8d6df607edf2f79be8a76911","sha512":"0aa2f0e626fba04f5e58e2e39e2eb1f33033e2eaae7f4e46ea0bbb3b419ff24abedc34e2265c536f899be66f8a015536e24898b7990732cebe90c77425122c30","ssdeep":"","tlshash":"d7b012a3bf0d0c3814893127012443c0b80dc7734f942999983c3a138010c458289f64","size":97,"data":"","first_seen":"2024-10-22T22:01:03.829516Z","last_seen":"2026-04-01T07:16:48.453299Z","times_seen":88,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/jquery.la.min.js","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4b51ffe15958a81d90c7f2592705833","sha1":"9db4ffd50a1eadc66c4b3951295a3b30ba12a1b8","sha256":"46c1249793ab6f6b168aa586914a0da1c8617db8ef60404d7c98f6ed44be4c03","sha512":"fa499d8c313659800fe7aee0e2e096cb43bd1bf194ea93703b9c9bd86e82707000c40cd065139faa82f2c359e187e9d1dee87249b08e14927b9d2e4f56155e6f","ssdeep":"","tlshash":"3d21c15ffc15e2245b55287633bbedace9ae44319009d80769eec06c7d25ff94511a0c","size":1221,"data":"","first_seen":"2024-06-10T06:46:45Z","last_seen":"2026-03-29T21:47:46.905257Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"89tongji.com/matomo.js","fqdn":"89tongji.com","domain":"89tongji.com","tld":"com"},"ip":{"addr":"94.156.119.89","port":80,"asn":211895,"as":"Serverius Holding B.V.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b32d11120a738ec529e5d64979e9d10","sha1":"deedcd7014f47a999da6c19786713cd7a236040a","sha256":"1762dd6a64fcd59421610b68625258f9224a1f278159c4d99282adb631470465","sha512":"258a126ba730a9f57d0adef037bdf90f349265128ceb8d7d9e5c7754eb14751895dffb3220bc1da307021ea8c37c45b837064c89731313acf22a3245b3812452","ssdeep":"1536:ATgnSINAJrRJqerEKlFXhuXEjmbMNfwS9h2BLy1z71B8I6fJIKIQaFLa:AT+Z2fuqXYy1PGJ9d5","tlshash":"3963d8ce72c2753a4bcb6075a43f114ab27e9caa1448c4b4e62ac4f6383491d657bf7c","size":67972,"data":"","first_seen":"2025-09-25T22:45:46.07207Z","last_seen":"2026-04-05T06:29:55.682027Z","times_seen":13960,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.chem17.com/chat/KFCenterBox/329529","fqdn":"chat.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.116","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b936460ba988b30cd79d99ae93c77106","sha1":"a44405ff5b67abf66ef77714e4364e6c3f1e9940","sha256":"6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9","sha512":"ad4731faf916fbb7118af38e25fa7e15814294950676fbd4ec41aeba5c7508ed34b7a7a4c98e1834e1096ea92e6301935699ed6df01a7416632e39063c0c9661","ssdeep":"","tlshash":"3990023209b10052711510915943e1456595959129de9915a00004a572529539a06d51","size":49,"data":"","first_seen":"2023-03-07T12:42:46Z","last_seen":"2026-04-05T04:58:55.066133Z","times_seen":582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.chem17.com/mystat.aspx?u=dgycgy2016","fqdn":"www.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fc3b21f426a6b669c086025a2e3e31d","sha1":"fa652e4043a8328974ae7481e7afe0123b508224","sha256":"0560973736bde2676e303c98d9d0f3dd913c758e0501502a1103ad44c6744cc8","sha512":"42cf14d687d0bbe6439e578ab769dd011b86ec8fe63461e48af38dc373db82dabd6e8978306c5340337c1d9914d76dd33573f08df924ffd6905efe33ac3d5115","ssdeep":"","tlshash":"28214d541d06c0a4bc35713d89b7c13cd2b11a273865d73278cca9084f78fa565deeea","size":1361,"data":"","first_seen":"2025-11-12T07:51:19.550242Z","last_seen":"2025-11-12T07:52:48.741948Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/js/customer.js","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf45486f36fa46a4b8935adfb7b98079","sha1":"3ca5dcce696db8b2fb47249ca97781c8eefd0703","sha256":"9a8edece99ac33fd722a441e6fb87c04bf6ec46e344c6e7074fdea3cbc2d0a7e","sha512":"4baf16d3017de9a4f8f350d629afe1b7b26df7cdce6249fbfe794fef2f3f91b1841a4ade935db13af7829d7306e9fa979b964508e055868f710450800d48c5a3","ssdeep":"","tlshash":"f5811085d25cb43a42b7677b093f30928e0a0187d4ca58f2f5be5154cfa822d65b7fb0","size":3880,"data":"","first_seen":"2025-03-09T15:25:07.247169Z","last_seen":"2026-03-07T04:19:34.372668Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3bf742b87eab13561c08070eaee6416","sha1":"fd4c07a8cccbfa6136825ee1e464c182ac0ad0d1","sha256":"95f8b67817f438cf0f147a83f95ae7c2846cf875691a1836239095cdf98f752b","sha512":"8dc25424a6738fabba8148bd305777d8238168992299a9ac467547678048ad60eb9cf1a50b98e3bbac3ec89e205f34ad100a3bbeefd4c38266d0663df0cf0afb","ssdeep":"","tlshash":"c1e026aa29721674578419fa992ff92cf1aa627c0554e003f58dfc230424eef4e2ead5","size":345,"data":"","first_seen":"2023-03-11T21:10:52Z","last_seen":"2026-04-05T04:58:55.074767Z","times_seen":2795,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"89tongji.com/tj.js?id=51","fqdn":"89tongji.com","domain":"89tongji.com","tld":"com"},"ip":{"addr":"94.156.119.89","port":443,"asn":211895,"as":"Serverius Holding B.V.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f07ff5c725cf522be1b083a9b6f5336","sha1":"b0ffdc146c81f8f338c360caf95bc9ee4576fc2c","sha256":"b9c04e61073b0a84b5a410332017bc6c50fd1a123e95fc96b51f5c15b4eca565","sha512":"0a1aace160ca503acee8c1665063f5e03bc18b6799bbd69ddf070b1c0edff1c384a98f566eceab859bc2f3db39c1530e35d6143642adaee00e50ba4b25916826","ssdeep":"","tlshash":"3df020101d9f6efc2129217b2dbccd7e33bf342ea0a1c0407e80d41565f2ac189483c8","size":533,"data":"","first_seen":"2025-10-20T21:30:04.145942Z","last_seen":"2025-12-17T06:35:43.56554Z","times_seen":774,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-05T07:45:35.102707Z","times_seen":81715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"4d14415e19c22cec55e1f6184cf3bff1","sha1":"76f09bf3037a2de1695e2c4ea49c94c181416153","sha256":"09f90dcb2f46cbf260aea52da1b2cf44ac9ca2a9b8644874eaa252d65ad54502","sha512":"0af3dc47020dddd0dbf7c5eb7bd6fc850dc3f02615cf8acaba854fe209b9a54cde69128b4fd4f8c339c4c22054b8576f61dd3b81af49200afe533551a86feb3e","ssdeep":"","tlshash":"e6c02b835d01c84942004ac4d0a2fc2cd090f0398514dc8dc0d034cc21c05d90c011c4","size":133,"data":"","first_seen":"2023-03-07T12:26:46Z","last_seen":"2026-04-02T16:01:36.383121Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"1e9d5fd185015e9b25706bb4d031cd3f","sha1":"d493e12c035a6c424de075097abfe0062c4498aa","sha256":"a6f02b389798842f8637ae815da877ba2643aec42433b4d8b74d83edfa8ce590","sha512":"7bb2debe5f5d76fed808d9c3a8f3bf9ee0401f59cb66faf3eb258e43b692c365162a9ea3de5a8dd52e40054969ab7afe1b7232a34f58601a6e89a4fef0545284","ssdeep":"","tlshash":"c8d097a7de0101a20a183082b0d2a73f23e7264fafc80b3028de1024e20529c9ed0163","size":242,"data":"","first_seen":"2025-11-12T07:51:19.568926Z","last_seen":"2025-11-12T07:52:48.744874Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"99bf69711d4838b39d49c1e1f316a80f","sha1":"9d9de9c959531e4c125f9b3b85ed4bc614d6e225","sha256":"1963d17ee0069b2f73b913a45b8345a70ca1d6b0c83e71a0d9e289346d339b8b","sha512":"1798dc5bd3e5aa1502ee65ed24a086f7bad4da87abf7bd60f2222c275d1fa8966581b913c12a5e9408131ad36ead9c99077be7f9bc07692e6919775e30892d28","ssdeep":"","tlshash":"dd51216786cc914f8e61e054e234faea1653682fcf73ac5bfe64659fda004ea49530cc","size":2668,"data":"","first_seen":"2025-11-12T07:51:19.571035Z","last_seen":"2025-11-12T07:52:48.745927Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4948e87ff90354f9aa958fe3aae5ee9f","sha1":"49a5806481fc3de5de79121750759ad03fee7200","sha256":"d9e8faebcefb68e7ccd4a16e07a49a81692e052c51d869cda30c24615fc2e260","sha512":"ce3980a744ed9afb1d494e387693e29060e0b75204b19c029016e39dfb6176e255a48bee3dd25249e2edede9686eb677522435be416a45a9bb228a78936666cb","ssdeep":"","tlshash":"9ff09eae6c41e9545ad3249897efd24cd15e00281009c417a5d9c8cd3d38fd50c2574c","size":508,"data":"","first_seen":"2023-06-17T18:58:05Z","last_seen":"2026-03-29T21:47:46.968596Z","times_seen":108,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3e417af7d57e4091efb38efe51d93ba7","sha1":"6f212e91f3e0c0fa72fc2356598c330c16d1adb5","sha256":"431ce9e1d89aae076e85338211456386044c0962c21056cfe1788f5707d9ffd9","sha512":"c5083e58b93eaf060601cde0f180851d2070ff3547939fce0bac41e866ff3d6c1a3843b73b6507940ce050904c411025fc50e5be579a7e27608c3ebc1e78ac15","ssdeep":"","tlshash":"73f09eaf9c41e5645ad62598d7bfe24cc45e44255009c413bcdac4cd3e39fd4042534c","size":508,"data":"","first_seen":"2024-06-10T06:46:45Z","last_seen":"2026-03-29T21:47:46.969207Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ced45f00ebb2e79b6c6a66647bd89fbc","sha1":"0525aaba011f7b314a407d666e5fad6a61370fbc","sha256":"8da60e60c86598053d45c148804f4b0875c5ad94b1e765df389e3f5ef4283904","sha512":"7502d1edb7d811b367aac6f9b0d4741ef7ad65cf67945988b4c4fd36f1639bda25fdb7cf2c2781e641e17042b647092aec0cf31d5c902085a42c40fdd431685a","ssdeep":"","tlshash":"94a022033e02c088ac0200ebb0b0f83cf0a33820a882ec0cccf000282cb33ccce00002","size":78,"data":"","first_seen":"2023-11-23T05:47:09Z","last_seen":"2026-04-02T16:01:36.424947Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"1058b4e5f02fbeccc2907b070c451119","sha1":"fcc2c2fd7a8a4ceb25f8c9bec54eda869e34605f","sha256":"efcb22dc152b256ee7a6600e505de70977024f8e97ee900615faf9371aa46fca","sha512":"a860b8f7f6d8eb92913b620fb3c0364b1ad5bf52c921842a8228b423003b3b18b8db4878543376a7dc974965834c8cd95dfd6717a4fc62b84248adfd3665b906","ssdeep":"","tlshash":"c9f005111ddf5dfd662a627b6dfccd1e73ab241d90b0c0407d80d41575b19c189482c8","size":508,"data":"","first_seen":"2025-10-20T21:30:04.189315Z","last_seen":"2025-12-17T06:35:43.622623Z","times_seen":774,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"img59.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693cd9188b526dc454d383475b9c850287f0f1edfe1f38b08ed4_500_500_5.png","fqdn":"img59.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"221.229.162.62","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.311Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693cd9188b526dc454d383475b9c850287f0f1edfe1f38b08ed4_500_500_5.png HTTP/1.1\r\nHost: img59.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img59.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693cd9188b526dc454d383475b9c850287f0f1edfe1f38b08ed4_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 252e533739d805c0470be01a359f2a30\r\nvia: CHN-JSxuzhou-AREACT3-CACHE31[11]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2589,"timings":{"blocked":2024,"dns":2,"connect":276,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"public.mtnets.com/public/js/jqueryNew.min.js","fqdn":"public.mtnets.com","domain":"mtnets.com","tld":"com"},"ip":{"addr":"218.11.0.74","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:16.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mtnets.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 05 Sep 2025 03:48:46 GMT","end":"Mon, 05 Oct 2026 03:48:45 GMT"},"fingerprint":{"sha1":"17:7D:9B:7D:77:E5:75:95:47:DB:97:C3:AB:B8:D0:E9:74:B6:07:84","sha256":"76:5C:C6:79:DF:08:A6:CD:BB:8D:53:C9:B4:57:D8:93:F6:E7:6A:58:6B:73:54:DB:67:7E:12:CE:5D:29:0A:D3"}}},"request":{"raw":"GET /public/js/jqueryNew.min.js HTTP/1.1\r\nHost: public.mtnets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: openresty\r\nLast-Modified: Fri, 28 Apr 2023 03:52:05 GMT\r\nETag: W/\"f01a9ccc8479d91:0\"\r\nX-Powered-By: ASP.NET-4.91\r\nAccess-Control-Allow-Origin: *\r\nX-CCDN-Expires: 2069563\r\nvia: CHN-HEshijiazhuang-AREACUCC8-CACHE2[3],CHN-HEshijiazhuang-AREACUCC8-CACHE19[0,TCP_HIT,1],CHN-TJ-GLOBAL6-CACHE129[7],CHN-TJ-GLOBAL6-CACHE33[0,TCP_HIT,3]\r\nx-hcs-proxy-type: 1\r\nX-CCDN-CacheTTL: 2592000\r\nX-CCDN-REQ-ID-46B1: 2be7350328189f6e49dce8f86f7090e8\r\nnginx-hit: 1\r\nAge: 522437\r\nStrict-Transport-Security: max-age=31622400; includeSubDomains\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-05T07:43:24.080116Z","times_seen":445213,"resource_available":true,"data":null}},"time_used":1488,"timings":{"blocked":672,"dns":0,"connect":0,"send":0,"wait":253,"receive":21,"ssl":542},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/mulu0.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.429Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/mulu0.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/mulu0.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1915,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":584,"timings":{"blocked":397,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img49.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901408ab006c23b20a84d9224ba25b5431556fba32eb1d73e7d_500_500_5.png","fqdn":"img49.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 03 Jan 2025 06:14:58 GMT","end":"Mon, 02 Feb 2026 06:14:57 GMT"},"fingerprint":{"sha1":"EA:83:C4:F6:80:68:DA:E0:B9:5F:29:5F:25:1E:D7:C5:23:96:B4:5B","sha256":"F1:AD:AB:7C:0A:BE:EB:41:29:1E:D9:E5:50:CE:33:DC:53:3A:61:0B:3E:F8:FC:76:84:BF:3A:F4:D7:15:69:1F"}}},"request":{"raw":"GET /gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901408ab006c23b20a84d9224ba25b5431556fba32eb1d73e7d_500_500_5.png HTTP/1.1\r\nHost: img49.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":566,"timings":{"blocked":56,"dns":1,"connect":246,"send":0,"wait":0,"receive":0,"ssl":263},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/jquery.min.js","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.282Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.min.js HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:15 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 718\r\nLast-Modified: Fri, 17 Oct 2025 05:07:58 GMT\r\nConnection: keep-alive\r\nETag: \"68f1cf2e-2ce\"\r\nExpires: Wed, 12 Nov 2025 08:52:15 GMT\r\nCache-Control: max-age=3600\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":718,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (718), with no line terminators","md5":"a75ada17c3011458d74a0e4c5cc17ffa","sha1":"8e57d597b1caeb46af5a4578034187eda8bf8b26","sha256":"8056951f7605e0cc00e96769abe87124de09d74273e83efb7992dddc056390ce","sha512":"b56551f614e99478ac6a0e273fe4bb4b796c29e118732b903d11ec3dfc8368f0872386a3970dad897a0b5dceb21adb5557827c6dad66a642480a1f52c45fef4e","ssdeep":"","tlshash":"d30181d8c7c4d89baecc5e43ea24deca25b3813b97d832838318fe8c01ad157c89c049","first_seen":"2023-03-07T12:26:46Z","last_seen":"2026-04-02T16:01:36.350899Z","times_seen":124,"resource_available":true,"data":null}},"time_used":442,"timings":{"blocked":127,"dns":0,"connect":157,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcc04332b4aabe4744e7abb89c0889dd76eff45d2503cebe58_500_500_5.png","fqdn":"img76.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.11.1.241","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.319Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcc04332b4aabe4744e7abb89c0889dd76eff45d2503cebe58_500_500_5.png HTTP/1.1\r\nHost: img76.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcc04332b4aabe4744e7abb89c0889dd76eff45d2503cebe58_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 4bd92dac76d86af3720b678f67451242\r\nvia: CHN-HEshijiazhuang-AREACUCC12-CACHE67[8]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2588,"timings":{"blocked":2017,"dns":1,"connect":280,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pinganfafa.com:25858/fcl.php?keyword=9001jcc%E9%87%91%E6%B2%99%E4%BB%A5%E8%AF%9A%E4%B8%BA%E6%9C%AC(%E4%B8%AD%E5%9B%BD)%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8-WeiXin%E7%99%BE%E7%A7%91\u0026from=pc\u0026originUrl=http%3A%2F%2Fwww.zgungames.com%2F\u0026referer=\u0026userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026v=793","fqdn":"pinganfafa.com","domain":"pinganfafa.com","tld":"com"},"ip":{"addr":"143.92.57.25","port":25858,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pinganfafa.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Sep 2025 13:14:50 GMT","end":"Mon, 08 Dec 2025 13:14:49 GMT"},"fingerprint":{"sha1":"51:0D:6F:EF:7F:BB:C7:1D:F1:44:1C:A3:C2:F7:5D:7D:12:5E:74:8D","sha256":"08:65:2C:AD:3E:95:EA:30:AC:57:A7:A9:8F:16:00:3B:9F:CF:2E:F8:26:69:6C:72:28:8D:7A:0F:0D:07:80:8E"}}},"request":{"raw":"GET /fcl.php?keyword=9001jcc%E9%87%91%E6%B2%99%E4%BB%A5%E8%AF%9A%E4%B8%BA%E6%9C%AC(%E4%B8%AD%E5%9B%BD)%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8-WeiXin%E7%99%BE%E7%A7%91\u0026from=pc\u0026originUrl=http%3A%2F%2Fwww.zgungames.com%2F\u0026referer=\u0026userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026v=793 HTTP/1.1\r\nHost: pinganfafa.com:25858\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.zgungames.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":2675,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1851), with CRLF line terminators","md5":"9c32b518063c4fac57bed5dc53c1232b","sha1":"c1e23fc64bee9c1df908b966402407d213b16f74","sha256":"bdd28ad0a3c43659c841e1fd8fcd5b18a736a2d587020677464c7fafc8296c3b","sha512":"a1ac550817360b64f43338654ef3ab997d3ad5d6d356bc968316b74f000b1c13533c4edc09775fa8c07221f6427bc759ccd5c64622938e11013cc022abc6fbbe","ssdeep":"","tlshash":"8351306386cc914f8e61e054e234faea1653282fcf73ac4bfe64659fd6004ea89530cc","first_seen":"2025-11-12T07:51:19.509201Z","last_seen":"2025-11-12T07:52:48.695301Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1921,"timings":{"blocked":817,"dns":1,"connect":269,"send":0,"wait":286,"receive":0,"ssl":545},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/indbkbg.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.923Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/indbkbg.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 4526\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"08dcb3df6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.179\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache62.l2cn8045[29,28,200-0,M], cache68.l2cn8045[30,0], kunlun6.cn6425[58,57,200-0,M], kunlun1.cn6425[77,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c00b17629339382835581e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":4526,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1100 x 92, 8-bit/color RGBA, non-interlaced","md5":"1ec6c5a407b74f7a61ddf2e9d27ad18c","sha1":"a1b3983c2ef438ebf7888e7e9986a4ea6d98a9ef","sha256":"6026acd143831660c8808a13e1b6e0c377e51ca9462e4f4a395e30e03e7b2ba0","sha512":"1d414c048b713871685babf1c55700472799593996e4298680b52ff4249f1c7568bdf41e966b06a249f3d061b30b9a94eedde4095020451d6e6592ae8e155220","ssdeep":"96:3SYo7FmWlknNJh9mR3Ho/HzNGruZmGpiJWnm693drlwjBtWA34ZMb539osO:3SN7FrknwI/T4TWm6fr2alSN39osO","tlshash":"e7912a84ec839ca2490db14a59fc90926ab34ec94d41389d6fdddc076d248e5eecd6c7","first_seen":"2025-03-09T15:25:07.218972Z","last_seen":"2026-03-20T10:57:50.329833Z","times_seen":24,"resource_available":false,"data":null}},"time_used":908,"timings":{"blocked":240,"dns":1,"connect":275,"send":0,"wait":391,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41564,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.554907+0000\",\"flow_id\":1538095378960021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41564,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/indbkbg.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2168},\"files\":[{\"filename\":\"/Skins/329529/images/indbkbg.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2168,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":6,\"bytes_toserver\":722,\"bytes_toclient\":4166,\"start\":\"2025-11-12T07:52:17.888469+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img54.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c705a02011e6462d023c363cedc4a45089a0f56ff1c88b29e_500_500_5.png","fqdn":"img54.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.012Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c705a02011e6462d023c363cedc4a45089a0f56ff1c88b29e_500_500_5.png HTTP/1.1\r\nHost: img54.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":211,"dns":1,"connect":255,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"89tongji.com/matomo.php?action_name=9001jcc%E9%87%91%E6%B2%99%E4%BB%A5%E8%AF%9A%E4%B8%BA%E6%9C%AC(%E4%B8%AD%E5%9B%BD)%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8-WeiXin%E7%99%BE%E7%A7%91\u0026idsite=1\u0026rec=1\u0026r=639432\u0026h=7\u0026m=52\u0026s=18\u0026url=http%3A%2F%2Fwww.zgungames.com%2F\u0026_id=0abe8c189c7ce87e\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pv_id=tqdiqb\u0026pf_net=178\u0026pf_srv=200\u0026pf_tfr=168\u0026pf_dm1=2650\u0026pf_dm2=680\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024","fqdn":"89tongji.com","domain":"89tongji.com","tld":"com"},"ip":{"addr":"94.156.119.89","port":80,"asn":211895,"as":"Serverius Holding B.V.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.961Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /matomo.php?action_name=9001jcc%E9%87%91%E6%B2%99%E4%BB%A5%E8%AF%9A%E4%B8%BA%E6%9C%AC(%E4%B8%AD%E5%9B%BD)%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8-WeiXin%E7%99%BE%E7%A7%91\u0026idsite=1\u0026rec=1\u0026r=639432\u0026h=7\u0026m=52\u0026s=18\u0026url=http%3A%2F%2Fwww.zgungames.com%2F\u0026_id=0abe8c189c7ce87e\u0026_idn=1\u0026send_image=0\u0026_refts=0\u0026pv_id=tqdiqb\u0026pf_net=178\u0026pf_srv=200\u0026pf_tfr=168\u0026pf_dm1=2650\u0026pf_dm2=680\u0026uadata=%7B%7D\u0026pdf=1\u0026qt=0\u0026realp=0\u0026wma=0\u0026fla=0\u0026java=0\u0026ag=0\u0026cookie=1\u0026res=1280x1024 HTTP/1.1\r\nHost: 89tongji.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\r\nContent-Length: 0\r\nOrigin: http://www.zgungames.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 204 No Response\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nConnection: keep-alive\r\nVary: Origin\r\nAccess-Control-Allow-Origin: http://www.zgungames.com\r\nAccess-Control-Allow-Credentials: true\r\nReferrer-Policy: origin\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Response","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"89tongji.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zgungames.com/","fqdn":"zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-12T07:52:13.738Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":158,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/hot.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.297Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/hot.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/hot.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2236,"timings":{"blocked":2039,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img53.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c114108b2f17b275b0cc9a35e68bef2ac36fea85f3e8ed772_500_500_5.png","fqdn":"img53.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"221.229.162.62","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.308Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c114108b2f17b275b0cc9a35e68bef2ac36fea85f3e8ed772_500_500_5.png HTTP/1.1\r\nHost: img53.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img53.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c114108b2f17b275b0cc9a35e68bef2ac36fea85f3e8ed772_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 339363e26a26655224dee7e918a41c59\r\nvia: CHN-JSxuzhou-AREACT3-CACHE34[11]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2534,"timings":{"blocked":2027,"dns":2,"connect":245,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/js/customer.js","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.336Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/js/customer.js HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:15 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":3883,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"cf45486f36fa46a4b8935adfb7b98079","sha1":"3ca5dcce696db8b2fb47249ca97781c8eefd0703","sha256":"9a8edece99ac33fd722a441e6fb87c04bf6ec46e344c6e7074fdea3cbc2d0a7e","sha512":"4baf16d3017de9a4f8f350d629afe1b7b26df7cdce6249fbfe794fef2f3f91b1841a4ade935db13af7829d7306e9fa979b964508e055868f710450800d48c5a3","ssdeep":"","tlshash":"f5811085d25cb43a42b7677b093f30928e0a0187d4ca58f2f5be5154cfa822d65b7fb0","first_seen":"2025-03-09T15:25:07.247169Z","last_seen":"2026-03-07T04:19:34.372668Z","times_seen":20,"resource_available":true,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img70.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bd0beedf14381970422ef6af735503e29f196adf22287e574_500_500_5.jpg","fqdn":"img70.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.023Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bd0beedf14381970422ef6af735503e29f196adf22287e574_500_500_5.jpg HTTP/1.1\r\nHost: img70.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":249,"dns":1,"connect":242,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/uqpu1x4t749lwvxkguwwsdova106pr.jpg","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 11:36:35 GMT","end":"Thu, 18 Dec 2025 11:36:34 GMT"},"fingerprint":{"sha1":"42:AC:AC:86:E9:93:0A:FB:BB:4F:2F:69:BC:50:70:0F:13:C8:7F:16","sha256":"D3:F9:F5:85:00:77:6D:E5:3F:0F:A3:CE:E1:E2:AB:55:75:E8:94:D2:40:56:DB:DC:40:D7:30:17:9F:4C:39:3C"}}},"request":{"raw":"GET /uploads/uqpu1x4t749lwvxkguwwsdova106pr.jpg HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 200943\r\nLast-Modified: Fri, 30 Sep 2022 18:42:07 GMT\r\nConnection: keep-alive\r\nETag: \"6337387f-310ef\"\r\nExpires: Fri, 12 Dec 2025 07:52:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":200943,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1000x200, components 3","md5":"93b5fd25fa34d9f1f81869e9aa56dda7","sha1":"dc51916e54c77eb33536ba9acb346fc1e86cbe62","sha256":"e612039673cad23b189f1b221bb32b9f8133ea1327fb12e3ea5ef4723606efb4","sha512":"31ebdd12f3bf07d18fb093b3ea7e3783f1242ad253c494413286a5c3403ac2c208904b3bfc067a4c8933628876507889b07fe23361818d2cf5d931139325cfde","ssdeep":"6144:e8qa7OrrWXdlKyAcrn9Y1OhN8zvJ20dJj6SI:4a7Oyd0ncm12kvj6SI","tlshash":"a91412342adb8aececd6b579af1017a6114b0df2d4499fd3c634a838967e20b0d5bd70","first_seen":"2023-05-06T09:40:17Z","last_seen":"2026-04-05T04:58:55.067165Z","times_seen":1663,"resource_available":false,"data":null}},"time_used":2222,"timings":{"blocked":-1,"dns":1,"connect":271,"send":0,"wait":543,"receive":831,"ssl":575},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"89tongji.com/matomo.js","fqdn":"89tongji.com","domain":"89tongji.com","tld":"com"},"ip":{"addr":"94.156.119.89","port":80,"asn":211895,"as":"Serverius Holding B.V.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.865Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /matomo.js HTTP/1.1\r\nHost: 89tongji.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 67972\r\nLast-Modified: Tue, 21 Oct 2025 20:35:55 GMT\r\nConnection: keep-alive\r\nETag: \"68f7eeab-10984\"\r\nExpires: Wed, 12 Nov 2025 08:52:18 GMT\r\nPragma: public\r\nCache-Control: max-age=3600, public\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67972,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2923)","md5":"4b32d11120a738ec529e5d64979e9d10","sha1":"deedcd7014f47a999da6c19786713cd7a236040a","sha256":"1762dd6a64fcd59421610b68625258f9224a1f278159c4d99282adb631470465","sha512":"258a126ba730a9f57d0adef037bdf90f349265128ceb8d7d9e5c7754eb14751895dffb3220bc1da307021ea8c37c45b837064c89731313acf22a3245b3812452","ssdeep":"1536:ATgnSINAJrRJqerEKlFXhuXEjmbMNfwS9h2BLy1z71B8I6fJIKIQaFLa:AT+Z2fuqXYy1PGJ9d5","tlshash":"3963d8ce72c2753a4bcb6075a43f114ab27e9caa1448c4b4e62ac4f6383491d657bf7c","first_seen":"2025-09-25T22:45:46.07207Z","last_seen":"2026-04-05T06:29:55.682027Z","times_seen":13960,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":18,"send":0,"wait":18,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"89tongji.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img49.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901408ab006c23b20a84d9224ba25b5431556fba32eb1d73e7d_500_500_5.png","fqdn":"img49.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"120.39.165.50","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.300Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901408ab006c23b20a84d9224ba25b5431556fba32eb1d73e7d_500_500_5.png HTTP/1.1\r\nHost: img49.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img49.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901408ab006c23b20a84d9224ba25b5431556fba32eb1d73e7d_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 1626f9630411490662c1aaf519e6b7bb\r\nvia: CHN-FJxiamen-CT16-CACHE6[0]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2552,"timings":{"blocked":2035,"dns":2,"connect":256,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.chem17.com/asyncstat.aspx?u=dgycgy2016\u0026referer=\u0026title=9001jcc%u91D1%u6C99%u4EE5%u8BDA%u4E3A%u672C%28%u4E2D%u56FD%29%u6709%u9650%u516C%u53F8-WeiXin%u767E%u79D1","fqdn":"www.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.112","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 03 Jan 2025 06:14:58 GMT","end":"Mon, 02 Feb 2026 06:14:57 GMT"},"fingerprint":{"sha1":"EA:83:C4:F6:80:68:DA:E0:B9:5F:29:5F:25:1E:D7:C5:23:96:B4:5B","sha256":"F1:AD:AB:7C:0A:BE:EB:41:29:1E:D9:E5:50:CE:33:DC:53:3A:61:0B:3E:F8:FC:76:84:BF:3A:F4:D7:15:69:1F"}}},"request":{"raw":"GET /asyncstat.aspx?u=dgycgy2016\u0026referer=\u0026title=9001jcc%u91D1%u6C99%u4EE5%u8BDA%u4E3A%u672C%28%u4E2D%u56FD%29%u6709%u9650%u516C%u53F8-WeiXin%u767E%u79D1 HTTP/1.1\r\nHost: www.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 549\r\ndate: Wed, 12 Nov 2025 07:52:17 GMT\r\ncache-control: no-cache\r\npragma: no-cache\r\nexpires: -1\r\nx-aspnet-version: 4.0.30319\r\nset-cookie: ASP.NET_SessionId=knbj0l5kmmoiuvdrnjabzyiz; path=/; HttpOnly; SameSite=Lax\nmtcached_mtsession_knbj0l5kmmoiuvdrnjabzyiz=10.115.3.112:9720; domain=.chem17.com; path=/; HttpOnly\r\nx-powered-by: ASP.NET-hg24\r\ncontent-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;\r\nvia: cache32.l2cn3130[31,31,200-0,M], cache11.l2cn3130[32,0], kunlun3.cn7174[45,45,200-0,M], kunlun1.cn7174[47,0]\r\nali-swift-global-savetime: 1762933937\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Wed, 12 Nov 2025 07:52:17 GMT\r\nx-swift-cachetime: 0\r\ntiming-allow-origin: *\r\neagleid: b4a3921517629339374632111e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":549,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (519), with CRLF line terminators","md5":"7b55782fe966e1ffe7942341d20c83d2","sha1":"50d7713a9900ec82a1ccce32df65bfe236210f56","sha256":"9d326e45fe379fc6f790199c1f3b7a74940162bdab3575cbadbedcd694dbfc84","sha512":"24e2f81482fcb3617cbbe4b624fd76760905695e15eca21335a353a0c1f63f9b02b3256049b552bb798784ba54c910087fd1bf7f3aca429045127a841c628ac9","ssdeep":"","tlshash":"f2f0c0124c01e7fe88017ce9de71e744c04b0f2f7161da72a167418132205b7b4dc9d7","first_seen":"2025-11-12T07:51:19.505076Z","last_seen":"2025-11-12T07:52:48.700236Z","times_seen":2,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":280,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/footli1.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.437Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/footli1.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/footli1.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2749,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":780,"timings":{"blocked":577,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc4ee852b7f04baa6084d5dffde89ac05df4a07e4a4246fe82_500_500_5.png","fqdn":"img76.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 03 Jan 2025 06:14:58 GMT","end":"Mon, 02 Feb 2026 06:14:57 GMT"},"fingerprint":{"sha1":"EA:83:C4:F6:80:68:DA:E0:B9:5F:29:5F:25:1E:D7:C5:23:96:B4:5B","sha256":"F1:AD:AB:7C:0A:BE:EB:41:29:1E:D9:E5:50:CE:33:DC:53:3A:61:0B:3E:F8:FC:76:84:BF:3A:F4:D7:15:69:1F"}}},"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc4ee852b7f04baa6084d5dffde89ac05df4a07e4a4246fe82_500_500_5.png HTTP/1.1\r\nHost: img76.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":551,"timings":{"blocked":44,"dns":1,"connect":233,"send":0,"wait":0,"receive":0,"ssl":272},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/mulu2.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.591Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/mulu2.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 1888\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:26 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0e72d40f6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.179\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache40.l2cn8000[17,17,200-0,M], cache31.l2cn8000[19,0], kunlun9.cn6425[32,32,200-0,M], kunlun4.cn6425[34,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c00e17629339386915963e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1888,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced","md5":"eddd0f849fc1c7829832b6f9e8fb4fd9","sha1":"2f8a652e625775bf7a3698f81a0300fef7135d8e","sha256":"6416a6887e980be9597039e8582579cbacfd3f1294ddbd13186aef108d9d7de8","sha512":"1055e73c87f1aae96da68ff07fee60d28f5de434888f7caa91fc8ea93d1bd6dd67c9a75927981f88642b45568f67372b4f08306bff5850d3136ceacfa147d94f","ssdeep":"","tlshash":"be417789f910ec52694dea86bce6a1472b375be185e7b4117cc98c0b14b20f9cd1ecd7","first_seen":"2025-03-09T15:25:07.220556Z","last_seen":"2026-03-20T10:57:50.306774Z","times_seen":15,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41620,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.870650+0000\",\"flow_id\":1885861028441595,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41620,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/mulu2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":612,\"bytes_toclient\":2440,\"start\":\"2025-11-12T07:52:18.142843+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.chem17.com/chat/KFLeftBox/329529","fqdn":"chat.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.116","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 03 Jan 2025 06:14:58 GMT","end":"Mon, 02 Feb 2026 06:14:57 GMT"},"fingerprint":{"sha1":"EA:83:C4:F6:80:68:DA:E0:B9:5F:29:5F:25:1E:D7:C5:23:96:B4:5B","sha256":"F1:AD:AB:7C:0A:BE:EB:41:29:1E:D9:E5:50:CE:33:DC:53:3A:61:0B:3E:F8:FC:76:84:BF:3A:F4:D7:15:69:1F"}}},"request":{"raw":"GET /chat/KFLeftBox/329529 HTTP/1.1\r\nHost: chat.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 49\r\ndate: Wed, 12 Nov 2025 07:52:16 GMT\r\ncache-control: private\r\nx-aspnetmvc-version: 3.0\r\nx-aspnet-version: 4.0.30319\r\nset-cookie: ASP.NET_SessionId=qthovw3roeezg0mmrofuwzd5; path=/; HttpOnly; SameSite=Lax\nmtcached_mtsession_qthovw3roeezg0mmrofuwzd5=10.115.3.112:9718; domain=chat.chem17.com; path=/; HttpOnly\r\nx-powered-by: ASP.NET-hg4.165\r\ncontent-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data:;\r\nvia: cache9.l2cn8123[73,73,200-0,M], cache13.l2cn8123[75,0], kunlun6.cn7174[83,82,200-0,M], kunlun9.cn7174[84,0]\r\nali-swift-global-savetime: 1762933936\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Wed, 12 Nov 2025 07:52:16 GMT\r\nx-swift-cachetime: 0\r\ntiming-allow-origin: *\r\neagleid: b4a3921d17629339361021543e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":49,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"b936460ba988b30cd79d99ae93c77106","sha1":"a44405ff5b67abf66ef77714e4364e6c3f1e9940","sha256":"6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9","sha512":"ad4731faf916fbb7118af38e25fa7e15814294950676fbd4ec41aeba5c7508ed34b7a7a4c98e1834e1096ea92e6301935699ed6df01a7416632e39063c0c9661","ssdeep":"","tlshash":"3990023209b10052711510915943e1456595959129de9915a00004a572529539a06d51","first_seen":"2023-03-07T12:42:46Z","last_seen":"2026-04-05T04:58:55.066133Z","times_seen":582,"resource_available":true,"data":null}},"time_used":1068,"timings":{"blocked":-1,"dns":36,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img70.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bd0beedf14381970422ef6af735503e29f196adf22287e574_500_500_5.jpg","fqdn":"img70.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"116.153.39.128","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.314Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bd0beedf14381970422ef6af735503e29f196adf22287e574_500_500_5.jpg HTTP/1.1\r\nHost: img70.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img70.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bd0beedf14381970422ef6af735503e29f196adf22287e574_500_500_5.jpg\r\nX-CCDN-REQ-ID-46B1: 16b6bdcf3c48429f45f4fc983499b526\r\nvia: CHN-JXnanchang-AREACUCC1-CACHE5[8]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2648,"timings":{"blocked":2021,"dns":2,"connect":308,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/ssico.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.403Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/ssico.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/ssico.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2639,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":423,"timings":{"blocked":232,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/footli2.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.437Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/footli2.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/footli2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2021,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":788,"timings":{"blocked":584,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3bfff82b6b1246b4fd401f83b7f725e22eab8ef35730c069_500_500_5.png","fqdn":"img76.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.014Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3bfff82b6b1246b4fd401f83b7f725e22eab8ef35730c069_500_500_5.png HTTP/1.1\r\nHost: img76.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":221,"timings":{"blocked":220,"dns":1,"connect":227,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/54toyhvk4oileqkh2dhxo03dw6kgzljw5fbbxsv2.gif","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 11:36:35 GMT","end":"Thu, 18 Dec 2025 11:36:34 GMT"},"fingerprint":{"sha1":"42:AC:AC:86:E9:93:0A:FB:BB:4F:2F:69:BC:50:70:0F:13:C8:7F:16","sha256":"D3:F9:F5:85:00:77:6D:E5:3F:0F:A3:CE:E1:E2:AB:55:75:E8:94:D2:40:56:DB:DC:40:D7:30:17:9F:4C:39:3C"}}},"request":{"raw":"GET /uploads/54toyhvk4oileqkh2dhxo03dw6kgzljw5fbbxsv2.gif HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nContent-Type: image/gif\r\nContent-Length: 138124\r\nLast-Modified: Fri, 09 Aug 2019 07:26:30 GMT\r\nConnection: keep-alive\r\nETag: \"5d4d2026-21b8c\"\r\nExpires: Fri, 12 Dec 2025 07:52:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138124,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1000 x 300","md5":"b15223fbef3ad6231c8a2065b14321bf","sha1":"32b15b10b21a7a2c10a3720529299b0e77f574b8","sha256":"60571f689a768060ae99d093560967d034611fc4ec7a87a0ee270a3a9b1b23fa","sha512":"b0c323885831c1ee9294ccc4fef70dda96f52228a7c31251d1fcb3cd507695c4da9fc1cb9397718a40cf4f5ada5465ca1cca360f89d32c6ab8cae1e4fd0431a5","ssdeep":"3072:JPSoQzDO90I0F1VhJl/rJVbAVNC2u4HVIdaIEscCOy3DFpXdOp5kK:JPSHXDI0FhrrJVcVA2u4HVILEyzTXdPK","tlshash":"b1d312ee99848b35c1dd79f6ed67d4383704f15770aa202e9a0cafefbb528129d02447","first_seen":"2023-05-06T02:42:24Z","last_seen":"2026-04-04T16:12:34.547249Z","times_seen":673,"resource_available":false,"data":null}},"time_used":1867,"timings":{"blocked":-1,"dns":1,"connect":264,"send":0,"wait":525,"receive":540,"ssl":536},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"public.mtnets.com/public/js/jqueryNew.min.js","fqdn":"public.mtnets.com","domain":"mtnets.com","tld":"com"},"ip":{"addr":"218.11.0.74","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.286Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /public/js/jqueryNew.min.js HTTP/1.1\r\nHost: public.mtnets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:16 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://public.mtnets.com/public/js/jqueryNew.min.js\r\nX-CCDN-REQ-ID-46B1: 2b08193f1823701413fbf5e8723c4b12\r\nvia: CHN-HEshijiazhuang-AREACUCC8-CACHE34[0]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1947,"timings":{"blocked":815,"dns":568,"connect":282,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/arrows1.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.397Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/arrows1.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/arrows1.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1360,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":922,"timings":{"blocked":727,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/ssico.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.920Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/ssico.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 2639\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:30 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0419042f6a0da1:0\"\r\nX-Powered-By: ASP.NET-114.4.178\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache70.l2cn2655[24,23,200-0,M], cache20.l2cn2655[25,0], kunlun2.cn6425[37,36,200-0,M], kunlun8.cn6425[38,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01217629339382915360e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":2639,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"8626dcfb2b93471283ef13bdc8a19754","sha1":"bc6b707d9063425166d30512d9e950e1fecc101e","sha256":"30e3bdc93522afc9b0218b46b18512b645d2698c88c69d82c1eddc9ad81545a7","sha512":"4b771b41bff8b24b78bcdf4748713495aacc38ddd6ec94d66ad9aa2f757804848dd80e3b3d5189c1ea26d536bd132c83f3c5f781072534dc31f8f6e8de4f1d93","ssdeep":"","tlshash":"cb519508fc1468504e0cfa885afda24297f70fc58e9068096ed9c8539d215fd8edd5cb","first_seen":"2025-03-09T15:25:07.21815Z","last_seen":"2026-03-20T10:57:50.306318Z","times_seen":25,"resource_available":false,"data":null}},"time_used":830,"timings":{"blocked":242,"dns":1,"connect":272,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.474321+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/ssico.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":708},\"files\":[{\"filename\":\"/Skins/329529/images/ssico.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":708,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":666,\"bytes_toclient\":3214,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img73.chem17.com/gxhpic_dea7ae3c8e/8975028d8e14767f2c894ca8a747ba518c84fe300cc7eb06e02cca9234168f797f88432de4d0d79c_500_500_5.png","fqdn":"img73.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.925Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/8975028d8e14767f2c894ca8a747ba518c84fe300cc7eb06e02cca9234168f797f88432de4d0d79c_500_500_5.png HTTP/1.1\r\nHost: img73.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":10,"dns":0,"connect":292,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/index_cache.html","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.337Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /index_cache.html HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2253,"timings":{"blocked":1999,"dns":1,"connect":253,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/zxbtn.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.433Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/zxbtn.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/zxbtn.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":6189,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":643,"timings":{"blocked":455,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/hot.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.902Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/hot.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/footli3.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.267Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/footli3.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 2636\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:18 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033693bf6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.180\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache70.l2cn3022[24,24,200-0,M], cache1.l2cn3022[25,0], kunlun2.cn6425[31,31,200-0,M], kunlun5.cn6425[33,0]\r\nAli-Swift-Global-Savetime: 1762933939\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:19 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c00f17629339392024198e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":2636,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced","md5":"e219780f2dc9c2e082c44507df3b50d5","sha1":"0fecbfe7541cf18218e369255d2baa5c5d609da4","sha256":"09d36a2a12fe418eb1ae90744d345dbd7e4c8f9994294a8e437240a5d1580272","sha512":"520008d3969d5c04eb7199ff71cbebf4400a8b861a5ed3d56c83ba8fb155fc0310f2789896580c2858e827d3f3c44f1ec18dda07040f4776f7874f0692bd9dfe","ssdeep":"","tlshash":"db516348fc929c80591df449a5fc614763bb0ec09e9124495ec8c8239d309fdded96cb","first_seen":"2025-03-09T15:25:07.221793Z","last_seen":"2026-03-20T10:57:50.313151Z","times_seen":25,"resource_available":false,"data":null}},"time_used":1116,"timings":{"blocked":835,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:29Z","timestamp":1762933949,"ip_dst":{"addr":"172.18.0.2","port":41610,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:29.654151+0000\",\"flow_id\":1434011141548065,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41610,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/footli3.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2636},\"files\":[{\"filename\":\"/Skins/329529/images/footli3.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2636,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":13,\"pkts_toclient\":15,\"bytes_toserver\":1876,\"bytes_toclient\":13817,\"start\":\"2025-11-12T07:52:18.141345+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img50.chem17.com/gxhpic_dea7ae3c8e/88c648add642a1ecb59f5414f8c930e709c407789f2605941d86a4efd81eccf347ab35c77539fb46_500_500_5.png","fqdn":"img50.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.12.77.90","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.299Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/88c648add642a1ecb59f5414f8c930e709c407789f2605941d86a4efd81eccf347ab35c77539fb46_500_500_5.png HTTP/1.1\r\nHost: img50.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img50.chem17.com/gxhpic_dea7ae3c8e/88c648add642a1ecb59f5414f8c930e709c407789f2605941d86a4efd81eccf347ab35c77539fb46_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 31b574d160e126f11bb835357674f26a\r\nvia: CHN-HEshijiazhuang-AREACUCC11-CACHE48[9]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2596,"timings":{"blocked":2036,"dns":2,"connect":273,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img49.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d190137a4e758d7bb3b04b2f03935e55d5bfe99919bac8f209633_500_500_5.png","fqdn":"img49.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"120.39.165.50","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.306Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d190137a4e758d7bb3b04b2f03935e55d5bfe99919bac8f209633_500_500_5.png HTTP/1.1\r\nHost: img49.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img49.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d190137a4e758d7bb3b04b2f03935e55d5bfe99919bac8f209633_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 1c2a96573577a7a270108723737a3e5c\r\nvia: CHN-FJxiamen-CT16-CACHE12[2]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2563,"timings":{"blocked":2028,"dns":2,"connect":262,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img73.chem17.com/gxhpic_dea7ae3c8e/8975028d8e14767f2c894ca8a747ba518c84fe300cc7eb06e02cca9234168f797f88432de4d0d79c_500_500_5.png","fqdn":"img73.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.12.77.90","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.316Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/8975028d8e14767f2c894ca8a747ba518c84fe300cc7eb06e02cca9234168f797f88432de4d0d79c_500_500_5.png HTTP/1.1\r\nHost: img73.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img73.chem17.com/gxhpic_dea7ae3c8e/8975028d8e14767f2c894ca8a747ba518c84fe300cc7eb06e02cca9234168f797f88432de4d0d79c_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 7dfecc5a1b8425532c2d70a6089c7113\r\nvia: CHN-HEshijiazhuang-AREACUCC11-CACHE43[5]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2519,"timings":{"blocked":2019,"dns":2,"connect":246,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img50.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901d6c4138ca10a16aa0e34e7c23b8afa5f068367efeea88ccf_500_500_5.jpg","fqdn":"img50.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.12.77.90","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.303Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901d6c4138ca10a16aa0e34e7c23b8afa5f068367efeea88ccf_500_500_5.jpg HTTP/1.1\r\nHost: img50.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img50.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901d6c4138ca10a16aa0e34e7c23b8afa5f068367efeea88ccf_500_500_5.jpg\r\nX-CCDN-REQ-ID-46B1: 5a528a14305d0a69273e2bc66466f3e8\r\nvia: CHN-HEshijiazhuang-AREACUCC11-CACHE11[9]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2549,"timings":{"blocked":2031,"dns":2,"connect":253,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/morejt.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.418Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/morejt.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/morejt.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2464,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":1,"connect":158,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img68.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b49ebc17192a1248810d2681a2ba609c297ba1377f23abbd8_500_500_5.jpg","fqdn":"img68.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 03 Jan 2025 06:14:58 GMT","end":"Mon, 02 Feb 2026 06:14:57 GMT"},"fingerprint":{"sha1":"EA:83:C4:F6:80:68:DA:E0:B9:5F:29:5F:25:1E:D7:C5:23:96:B4:5B","sha256":"F1:AD:AB:7C:0A:BE:EB:41:29:1E:D9:E5:50:CE:33:DC:53:3A:61:0B:3E:F8:FC:76:84:BF:3A:F4:D7:15:69:1F"}}},"request":{"raw":"GET /gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b49ebc17192a1248810d2681a2ba609c297ba1377f23abbd8_500_500_5.jpg HTTP/1.1\r\nHost: img68.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":2,"connect":281,"send":0,"wait":0,"receive":0,"ssl":293},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/footli1.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.222Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/footli1.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 2749\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:18 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033693bf6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.180\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: ens-cache66.l2cn7147[42,41,200-0,M], ens-cache49.l2cn7147[43,0], kunlun7.cn6425[62,62,200-0,M], kunlun1.cn6425[64,0]\r\nAli-Swift-Global-Savetime: 1762933939\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:19 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c00b17629339390066854e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":2749,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced","md5":"bfa6cce8bd645b1ece91b138416de875","sha1":"6635e91cf84837a9b62520cb3b18b6e2b7ec701f","sha256":"b433844a4d6b59513e62ee8231d0a630bc1ace58a00e5d12b2e89a2e10904e60","sha512":"8e2274061261a2b05afb3067d9846fc5192af8a7620670fbfd0925443ad607acfef5ec6c38493dfe259395e875f92442ac23e3fab4beaeb14b15eceef2204039","ssdeep":"","tlshash":"c6516348fc9068905a5df985aafda046a6f74fc08e912859edc8cc032d605fdcdda9c7","first_seen":"2025-03-09T15:25:07.238052Z","last_seen":"2026-03-20T10:57:50.322092Z","times_seen":26,"resource_available":false,"data":null}},"time_used":1030,"timings":{"blocked":693,"dns":0,"connect":0,"send":0,"wait":336,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41564,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.251329+0000\",\"flow_id\":1538095378960021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41564,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/footli1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/footli1.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":19,\"pkts_toclient\":28,\"bytes_toserver\":2192,\"bytes_toclient\":31134,\"start\":\"2025-11-12T07:52:17.888469+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/73in1fspksw4vkiz33cink1f95gkt6.png","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 11:36:35 GMT","end":"Thu, 18 Dec 2025 11:36:34 GMT"},"fingerprint":{"sha1":"42:AC:AC:86:E9:93:0A:FB:BB:4F:2F:69:BC:50:70:0F:13:C8:7F:16","sha256":"D3:F9:F5:85:00:77:6D:E5:3F:0F:A3:CE:E1:E2:AB:55:75:E8:94:D2:40:56:DB:DC:40:D7:30:17:9F:4C:39:3C"}}},"request":{"raw":"GET /uploads/73in1fspksw4vkiz33cink1f95gkt6.png HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nContent-Type: image/png\r\nContent-Length: 85269\r\nLast-Modified: Thu, 30 May 2024 07:57:09 GMT\r\nConnection: keep-alive\r\nETag: \"66583155-14d15\"\r\nExpires: Fri, 12 Dec 2025 07:52:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85269,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1000x200, components 3","md5":"dd634dd0e0dd49206dcc5895ead43e77","sha1":"1ed15d3f4c9f439901ad35e48e997cd61e21da0c","sha256":"e5bd386dd7f166c21d2b28383dc15fc365a6a9dcad30f3d31ea03ade011f980c","sha512":"520f5c0aaa03859ad2b7a39b5aab91564d24efc9e54f802d07a2e0922089836fd44e43caba81c133e1344efee4d923759abf5bbb60b03049f0ff09c9ab924ec3","ssdeep":"1536:ghHfCs1mEmhYj/SLO+lC1zjLUKOjQ6FmkyjQ5UpshRm6gccXc5s5+IsI0h:YfC2m3qQCZXoDmkyjQjhR/BcM210h","tlshash":"6a83020460391e2efad6bc306e2d59bf96a59012e3a7d2b774e6386ff3b8130114c54e","first_seen":"2024-06-02T21:28:55Z","last_seen":"2026-04-05T04:58:55.065079Z","times_seen":1497,"resource_available":false,"data":null}},"time_used":1806,"timings":{"blocked":-1,"dns":0,"connect":293,"send":0,"wait":589,"receive":329,"ssl":594},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/js/JSChat.js","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.289Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/JSChat.js HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:15 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1596,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"5122b87041a34991740a2418cf688de4","sha1":"ae0142e84d1e0f3c4749ea58827ae56d2a32fbbc","sha256":"40061d6dc948529ad974ca45b9b63d65ff87037086f65629d1e958cb1de10ccd","sha512":"a96700940fd242137764811caa4748780c79b6925f05ad2b31238126ee24d24ab70c05f0c72de11fde17efd99247a5b3225dbdc708249c59f9b047d5e435a481","ssdeep":"","tlshash":"de31edb24a53931209094ea3c71a134ce267915b9117e8623d3d6d643f88927b7997f0","first_seen":"2025-04-06T23:54:49.048059Z","last_seen":"2026-04-05T04:58:55.064088Z","times_seen":470,"resource_available":false,"data":null}},"time_used":467,"timings":{"blocked":121,"dns":1,"connect":159,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/logo.jpg","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.913Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/logo.jpg HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 17248\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:24 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0bafc3ef6a0da1:0\"\r\nX-Powered-By: ASP.NET-114.4.178\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: ens-cache25.l2cn7147[39,39,200-0,M], ens-cache70.l2cn7147[40,0], kunlun8.cn6425[58,58,200-0,M], kunlun9.cn6425[59,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01317629339382747810e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":14165,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 380x70, components 3","md5":"b70d3eaca3e2ca7d5f9539017fd65918","sha1":"1deb706242c421785a4697b390d0abfee155ea64","sha256":"df0e82854105c3b5b5dd6f2a837158866afbd3043a84b3d5c476f9b3b6f23eb9","sha512":"050f5c0c7614e054a62fa0bb128755c88f86f78824687531d9fbc2f459ef57e4569b987ad5b5d84eda846755213365caca168d7af07843680fced89ca8fb8b77","ssdeep":"384:YYLaSSqszk8THsCx+/VPGBCirY2uwRlze1+Nmhl9j:FLSqszkgHsCM0BC+uSlz++wnB","tlshash":"2b52e1faf457c9482c6ca96520d7c8afb8835388dd63d599c1e6a86bd2706ffc072407","first_seen":"2025-11-12T07:52:48.707185Z","last_seen":"2025-11-12T07:52:48.707185Z","times_seen":1,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":-1,"dns":1,"connect":263,"send":0,"wait":321,"receive":32,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.476967+0000\",\"flow_id\":12520847941992,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41596,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/logo.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":665,\"bytes_toclient\":2516,\"start\":\"2025-11-12T07:52:17.893288+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/morejt2.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.196Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/morejt2.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 2742\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:25 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8050953ff6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.181\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache12.l2cn3022[21,21,200-0,M], cache28.l2cn3022[23,0], kunlun2.cn6425[31,30,200-0,M], kunlun8.cn6425[32,0]\r\nAli-Swift-Global-Savetime: 1762933939\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:19 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01217629339389906569e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":2742,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"64d50a7e5f4df019d2d2aba0bde8cd28","sha1":"32535dbd6e969f1a42fc22335d1fb25449728b25","sha256":"2d784e9a870833dcf327f2d68353df0d0d4c19a056b66809da7a19718a002a17","sha512":"1b46780c3e1a88fa5bdc48adbf364a7f3662e386594dc6f11d99e6ca6fadaf949185cccf08343fd1ba668158a0a7cb237eabc3dd21a355a6df1cb983ce575461","ssdeep":"","tlshash":"4e510c0dfc6068515a4ef989d9fc924297b71fc08e6168499ecac8135d604f9cdcd9cb","first_seen":"2025-03-09T15:25:07.225187Z","last_seen":"2026-03-20T10:57:50.310609Z","times_seen":23,"resource_available":false,"data":null}},"time_used":972,"timings":{"blocked":667,"dns":0,"connect":0,"send":0,"wait":304,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.168265+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/morejt2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/morejt2.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":18,\"bytes_toserver\":2070,\"bytes_toclient\":17326,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"zgungames.com/","fqdn":"zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-12T07:52:14.065Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 178\r\nConnection: keep-alive\r\nLocation: http://www.zgungames.com/\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":490,"timings":{"blocked":163,"dns":0,"connect":163,"send":0,"wait":163,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-12T07:52:14.739Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:15 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}],"data":{"size":57878,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (629)","md5":"32cac13d726fd220a7e0d76f67b9afae","sha1":"e3a363ca2cad282fcdc62496f5b4938c9af4bc79","sha256":"3ba1f7921097f1702ff1c3be546bbf9519d9cf93315f0741d2aa22a1fea88abb","sha512":"17ed68f2f676f13c9af6aef685419192b3ee2e13a47b99dbed640d47df05428d3f7a8c405f874d68a4ffdd0449a25adffe756e1d48b0544a575dacd2597747eb","ssdeep":"1536:xr2uDpOFmaadOcTKkDRYCySpiKJrXj/hgYIBJUT41nkhz9u5QA7t:xr2uQFmpRYUF3zk6Ax","tlshash":"bd43d76504e52d2e11b612e165b4bb2eb8817667f953ad4971fc7b8bcfc2fc24e03089","first_seen":"2025-11-12T07:51:19.498207Z","last_seen":"2025-11-12T07:52:48.709488Z","times_seen":2,"resource_available":false,"data":null}},"time_used":701,"timings":{"blocked":165,"dns":1,"connect":167,"send":0,"wait":201,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/banner1.jpg","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.898Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/banner1.jpg HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/footli2.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.230Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/footli2.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 2021\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:18 GMT\r\nAccept-Ranges: bytes\r\nETag: \"033693bf6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.181\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache27.l2cn3059[21,20,200-0,M], cache21.l2cn3059[21,0], kunlun7.cn6425[31,31,200-0,M], kunlun7.cn6425[33,0]\r\nAli-Swift-Global-Savetime: 1762933939\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:19 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01117629339391912230e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":2021,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 19, 8-bit/color RGBA, non-interlaced","md5":"85216bea28db82b74127839626f76f08","sha1":"459a6c52809a0a5d3485b681f88a40501c2845da","sha256":"0ad724a8fd924a3241f8d422a72cd4c570e36124cf8357bf537bdf4d190f6c5c","sha512":"78c4673ff22d694b12a5201221cd623f087ea17b5c44ce4df74e7b140ea44ea9b02a3294a4bc220005cdd3c689754d96afc2e29fea9e314f7ab2a165a432cd23","ssdeep":"","tlshash":"6841b489e9d12c406a4dfd4a29e94283aa7f46c4d7836445bcdec48759321bbec8d4c3","first_seen":"2025-03-09T15:25:07.222524Z","last_seen":"2026-03-20T10:57:50.31123Z","times_seen":26,"resource_available":false,"data":null}},"time_used":1151,"timings":{"blocked":869,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:29Z","timestamp":1762933949,"ip_dst":{"addr":"172.18.0.2","port":41604,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:29.611082+0000\",\"flow_id\":593105937114079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41604,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/footli2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2021},\"files\":[{\"filename\":\"/Skins/329529/images/footli2.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2021,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":22,\"bytes_toserver\":2230,\"bytes_toclient\":22551,\"start\":\"2025-11-12T07:52:18.140255+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/vinb9ufmfncf975y9rvx382nt7h7123khi4lo6kk.gif","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 11:36:35 GMT","end":"Thu, 18 Dec 2025 11:36:34 GMT"},"fingerprint":{"sha1":"42:AC:AC:86:E9:93:0A:FB:BB:4F:2F:69:BC:50:70:0F:13:C8:7F:16","sha256":"D3:F9:F5:85:00:77:6D:E5:3F:0F:A3:CE:E1:E2:AB:55:75:E8:94:D2:40:56:DB:DC:40:D7:30:17:9F:4C:39:3C"}}},"request":{"raw":"GET /uploads/vinb9ufmfncf975y9rvx382nt7h7123khi4lo6kk.gif HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nContent-Type: image/gif\r\nContent-Length: 214316\r\nLast-Modified: Thu, 14 Nov 2019 06:29:46 GMT\r\nConnection: keep-alive\r\nETag: \"5dccf45a-3452c\"\r\nExpires: Fri, 12 Dec 2025 07:52:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":214316,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Adobe Photoshop CC 2014 (Windows), datetime=2019-09-30T17:50:59+08:00], progressive, precision 8, 1020x255, components 3","md5":"8fbc123b4636b3c9a8f1411c160a9e99","sha1":"48f62c4c22122a04026a1e329bccce93fc7aae77","sha256":"69f497a64f8dab090cb547e5f9063b1c33d0d8fc87573f87eff1016fb2d4dad5","sha512":"821f26949d9b21304202d7cd0945a3351e3420ebba3d129b6111176978e3a5ba1e4135a963042eaa59be817cf02182f8761c7a0ba2fd9271c4b53304d69a3671","ssdeep":"6144:p5K6mEbeWe5b5/AT6dvesgRvyNlbc+6cKO90asTGIo5lj:u6tbeWe59oudvpg5yPblXKUIGlj","tlshash":"cb24130bfa57e081d29a4db4c077677cdc4f8b56aaa4563ae66c2c2cc7d05c3b0ad246","first_seen":"2023-05-06T09:40:17Z","last_seen":"2026-04-04T16:12:34.549491Z","times_seen":1495,"resource_available":false,"data":null}},"time_used":2207,"timings":{"blocked":-1,"dns":0,"connect":265,"send":0,"wait":529,"receive":843,"ssl":568},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img55.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9fac48cb19193207a2ff57d177b4a009c0b7f3ea5b50627d771e6fe084577ad769_500_500_5.png","fqdn":"img55.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.12.77.90","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.311Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9fac48cb19193207a2ff57d177b4a009c0b7f3ea5b50627d771e6fe084577ad769_500_500_5.png HTTP/1.1\r\nHost: img55.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img55.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9fac48cb19193207a2ff57d177b4a009c0b7f3ea5b50627d771e6fe084577ad769_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 2fe93f197a8eca283924dc9f14263ee0\r\nvia: CHN-HEshijiazhuang-AREACUCC11-CACHE42[16]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2587,"timings":{"blocked":2025,"dns":1,"connect":271,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/indbkbg.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.409Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/indbkbg.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/indbkbg.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4526,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":426,"timings":{"blocked":238,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/banner2.jpg","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.908Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/banner2.jpg HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bca437d71737539b6241ca45226b830350b5b9596083fb8ac2_500_500_5.png","fqdn":"img76.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.11.1.241","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.317Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bca437d71737539b6241ca45226b830350b5b9596083fb8ac2_500_500_5.png HTTP/1.1\r\nHost: img76.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bca437d71737539b6241ca45226b830350b5b9596083fb8ac2_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 1d1c40f63b260e8b73d3b9c53b04fae4\r\nvia: CHN-HEshijiazhuang-AREACUCC12-CACHE14[6]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2637,"timings":{"blocked":2019,"dns":1,"connect":302,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img50.chem17.com/gxhpic_dea7ae3c8e/88c648add642a1ecb59f5414f8c930e709c407789f2605941d86a4efd81eccf347ab35c77539fb46_500_500_5.png","fqdn":"img50.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.986Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/88c648add642a1ecb59f5414f8c930e709c407789f2605941d86a4efd81eccf347ab35c77539fb46_500_500_5.png HTTP/1.1\r\nHost: img50.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":124,"dns":1,"connect":313,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/artico.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.215Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/artico.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 2706\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0f81033f6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.180\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache46.l2cn8000[84,84,200-0,M], cache14.l2cn8000[85,0], kunlun1.cn6425[94,93,200-0,M], kunlun4.cn6425[95,0]\r\nAli-Swift-Global-Savetime: 1762933939\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:19 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c00e17629339389756421e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":2706,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 30, 8-bit/color RGBA, non-interlaced","md5":"673e1e71335d50688414e84e7ec3ac8d","sha1":"184273452c6334cc20127b7c8a5e0110fca90719","sha256":"93cb041e55b0b50b58477084dd5a742f490a1ffaf20ee7b121687604c6f5a717","sha512":"1a4553c4c2348911d21da0c64cead29c7f31484a952841076893fa94acffca9b55d092424b5eeb31aff36b4b3a433838554ee531e07861ad2297fb8b5a7d88ae","ssdeep":"","tlshash":"94516106f8a1ac44551df18996fca24357b34ed48ed2285daecd8c020d609edcd8d9e7","first_seen":"2025-03-09T15:25:07.240412Z","last_seen":"2026-03-20T10:57:50.321321Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1002,"timings":{"blocked":656,"dns":0,"connect":0,"send":0,"wait":345,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:29Z","timestamp":1762933949,"ip_dst":{"addr":"172.18.0.2","port":41620,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:29.492663+0000\",\"flow_id\":1885861028441595,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41620,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/artico.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2706},\"files\":[{\"filename\":\"/Skins/329529/images/artico.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2706,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":1313,\"bytes_toclient\":6650,\"start\":\"2025-11-12T07:52:18.142843+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/mulu2.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.297Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/mulu2.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/mulu2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1888,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"public.mtnets.com/public/css/swiper.min.css","fqdn":"public.mtnets.com","domain":"mtnets.com","tld":"com"},"ip":{"addr":"218.11.0.74","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:16.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mtnets.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 05 Sep 2025 03:48:46 GMT","end":"Mon, 05 Oct 2026 03:48:45 GMT"},"fingerprint":{"sha1":"17:7D:9B:7D:77:E5:75:95:47:DB:97:C3:AB:B8:D0:E9:74:B6:07:84","sha256":"76:5C:C6:79:DF:08:A6:CD:BB:8D:53:C9:B4:57:D8:93:F6:E7:6A:58:6B:73:54:DB:67:7E:12:CE:5D:29:0A:D3"}}},"request":{"raw":"GET /public/css/swiper.min.css HTTP/1.1\r\nHost: public.mtnets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/css\r\nContent-Length: 3049\r\nConnection: keep-alive\r\nServer: openresty\r\nVary: Accept-Encoding\r\nLast-Modified: Wed, 19 Apr 2023 08:15:09 GMT\r\nETag: W/\"8468abe9772d91:0\"\r\nX-Powered-By: ASP.NET-hg4.95\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\nX-CCDN-Expires: 2069563\r\nvia: CHN-HEshijiazhuang-AREACUCC8-CACHE21[11],CHN-HEshijiazhuang-AREACUCC8-CACHE19[0,TCP_HIT,10],CHN-TJ-GLOBAL6-CACHE35[11],CHN-TJ-GLOBAL6-CACHE35[0,TCP_HIT,6]\r\nx-hcs-proxy-type: 1\r\nX-CCDN-CacheTTL: 2592000\r\nX-CCDN-REQ-ID-46B1: 16cbfe0a766dbf5173c49c703184c3b2\r\nnginx-hit: 1\r\nAge: 522437\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=31622400; includeSubDomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17486,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17459), with CRLF line terminators","md5":"bda93e7cce3fdf4c2eec521f26482bea","sha1":"223d7d3eef564bf0ddd518f7108aea9b66549f2b","sha256":"92c8b6eac3a38cc94bc72af85b93c8520538be81273271ba4bfcf3d1129e5779","sha512":"7bc84a2a40197e1999735190317f5008e43fab9f397ce477651c0ccd2f73b7b95272874ed4f723992e2d112975e1d4b6c47b28e941eb90756cd65fb97ce00448","ssdeep":"192:m+0GpaNCO8jrfg5WHmXgyXyzSHF68DJB0SwD:m+52CXfgWHfyXyzSl68Pe","tlshash":"5172832c17002067f6324f1987c9e77c9715c8839e4368ef6650de48cbbb5a9227f7a6","first_seen":"2023-11-16T23:41:59Z","last_seen":"2026-04-04T22:22:39.445925Z","times_seen":286,"resource_available":false,"data":null}},"time_used":1519,"timings":{"blocked":668,"dns":3,"connect":276,"send":0,"wait":289,"receive":0,"ssl":280},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/bcxyd1s1sigdhca92z9vasjpppocuc81b03spnfn.jpg","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 11:36:35 GMT","end":"Thu, 18 Dec 2025 11:36:34 GMT"},"fingerprint":{"sha1":"42:AC:AC:86:E9:93:0A:FB:BB:4F:2F:69:BC:50:70:0F:13:C8:7F:16","sha256":"D3:F9:F5:85:00:77:6D:E5:3F:0F:A3:CE:E1:E2:AB:55:75:E8:94:D2:40:56:DB:DC:40:D7:30:17:9F:4C:39:3C"}}},"request":{"raw":"GET /uploads/bcxyd1s1sigdhca92z9vasjpppocuc81b03spnfn.jpg HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 152583\r\nLast-Modified: Fri, 14 Jun 2024 06:33:54 GMT\r\nConnection: keep-alive\r\nETag: \"666be452-25407\"\r\nExpires: Fri, 12 Dec 2025 07:52:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":152583,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x200, components 3","md5":"f4c61cf0f86071fdc7715e421bb8a464","sha1":"90d31d040689b43e3566c4ec06503c2f99bfaa5a","sha256":"1b6f9820794efaa5eaf8543afa077994581fc452547f6ce1403d8aa8a35d99e4","sha512":"a8e73e2a4298cbfe7cc5c1ecc7d464231e0869830a2d3733ac3fff44049bd0ab762881ab5655239b3a0f2d7e80a5ede7dc8595d5f32c5b3be2b4513603d5d464","ssdeep":"3072:v6yBYAMfLaJst63owdAvNmat+7zDQY1v1tGXLYaHGoNbnfraSMxPaEAjsPt:icNmY4C7l1sbptNfmSMBaE8sPt","tlshash":"4fe3128dc65c0be4eeacc6f46bfb5f455ed2e5f291a80f5268095251620d3ca3e36b0c","first_seen":"2024-06-15T00:51:04Z","last_seen":"2026-04-05T04:58:55.066621Z","times_seen":1355,"resource_available":false,"data":null}},"time_used":2214,"timings":{"blocked":-1,"dns":0,"connect":306,"send":0,"wait":612,"receive":676,"ssl":620},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.chem17.com/chat/KFCenterBox/329529","fqdn":"chat.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"180.163.146.116","port":443,"asn":4812,"as":"China Telecom Group","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 03 Jan 2025 06:14:58 GMT","end":"Mon, 02 Feb 2026 06:14:57 GMT"},"fingerprint":{"sha1":"EA:83:C4:F6:80:68:DA:E0:B9:5F:29:5F:25:1E:D7:C5:23:96:B4:5B","sha256":"F1:AD:AB:7C:0A:BE:EB:41:29:1E:D9:E5:50:CE:33:DC:53:3A:61:0B:3E:F8:FC:76:84:BF:3A:F4:D7:15:69:1F"}}},"request":{"raw":"GET /chat/KFCenterBox/329529 HTTP/1.1\r\nHost: chat.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: Tengine\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 49\r\ndate: Wed, 12 Nov 2025 07:52:16 GMT\r\ncache-control: private\r\nx-aspnetmvc-version: 3.0\r\nx-aspnet-version: 4.0.30319\r\nset-cookie: ASP.NET_SessionId=ncsxqy3tuzalsfvhxdgjtciy; path=/; HttpOnly; SameSite=Lax\nmtcached_mtsession_ncsxqy3tuzalsfvhxdgjtciy=10.115.3.112:9718; domain=chat.chem17.com; path=/; HttpOnly\r\nx-powered-by: ASP.NET-4.21\r\ncontent-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data:;\r\nvia: cache17.l2cn8123[62,61,200-0,M], cache4.l2cn8123[64,0], kunlun5.cn7174[90,89,200-0,M], kunlun9.cn7174[91,0]\r\nali-swift-global-savetime: 1762933936\r\nx-cache: MISS TCP_MISS dirn:-2:-2\r\nx-swift-savetime: Wed, 12 Nov 2025 07:52:16 GMT\r\nx-swift-cachetime: 0\r\ntiming-allow-origin: *\r\neagleid: b4a3921d17629339361011539e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":49,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"b936460ba988b30cd79d99ae93c77106","sha1":"a44405ff5b67abf66ef77714e4364e6c3f1e9940","sha256":"6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9","sha512":"ad4731faf916fbb7118af38e25fa7e15814294950676fbd4ec41aeba5c7508ed34b7a7a4c98e1834e1096ea92e6301935699ed6df01a7416632e39063c0c9661","ssdeep":"","tlshash":"3990023209b10052711510915943e1456595959129de9915a00004a572529539a06d51","first_seen":"2023-03-07T12:42:46Z","last_seen":"2026-04-05T04:58:55.066133Z","times_seen":582,"resource_available":true,"data":null}},"time_used":1086,"timings":{"blocked":-1,"dns":37,"connect":227,"send":0,"wait":328,"receive":1,"ssl":493},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img54.chem17.com/gxhpic_dea7ae3c8e/73772409919cd492e186b85c10773c6ed3b5384701f72c2b3f0396220b7b78eaca1b85d74ba52bff_500_500_5.png","fqdn":"img54.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.11.1.241","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.307Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/73772409919cd492e186b85c10773c6ed3b5384701f72c2b3f0396220b7b78eaca1b85d74ba52bff_500_500_5.png HTTP/1.1\r\nHost: img54.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img54.chem17.com/gxhpic_dea7ae3c8e/73772409919cd492e186b85c10773c6ed3b5384701f72c2b3f0396220b7b78eaca1b85d74ba52bff_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 417cc5c62222b3bf7e3c4f67750eec20\r\nvia: CHN-HEshijiazhuang-AREACUCC12-CACHE20[5]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2625,"timings":{"blocked":2029,"dns":1,"connect":294,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img68.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b49ebc17192a1248810d2681a2ba609c297ba1377f23abbd8_500_500_5.jpg","fqdn":"img68.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.11.1.241","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.313Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b49ebc17192a1248810d2681a2ba609c297ba1377f23abbd8_500_500_5.jpg HTTP/1.1\r\nHost: img68.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img68.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b49ebc17192a1248810d2681a2ba609c297ba1377f23abbd8_500_500_5.jpg\r\nX-CCDN-REQ-ID-46B1: 7598b31f1029c4747c9189b932ef0545\r\nvia: CHN-HEshijiazhuang-AREACUCC12-CACHE1[6]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2490,"timings":{"blocked":2024,"dns":1,"connect":228,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img48.chem17.com/gxhpic_dea7ae3c8e/88c648add642a1ec3a7769a45efc5b7a5589ace7388edf9ca14c278e51847350b1661161494991a2_500_500_5.png","fqdn":"img48.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.022Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/88c648add642a1ec3a7769a45efc5b7a5589ace7388edf9ca14c278e51847350b1661161494991a2_500_500_5.png HTTP/1.1\r\nHost: img48.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":238,"dns":2,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/ndo5u75d8mk1is8ldrdhiw1h429tnk.gif","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 11:36:35 GMT","end":"Thu, 18 Dec 2025 11:36:34 GMT"},"fingerprint":{"sha1":"42:AC:AC:86:E9:93:0A:FB:BB:4F:2F:69:BC:50:70:0F:13:C8:7F:16","sha256":"D3:F9:F5:85:00:77:6D:E5:3F:0F:A3:CE:E1:E2:AB:55:75:E8:94:D2:40:56:DB:DC:40:D7:30:17:9F:4C:39:3C"}}},"request":{"raw":"GET /uploads/ndo5u75d8mk1is8ldrdhiw1h429tnk.gif HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:20 GMT\r\nContent-Type: image/gif\r\nContent-Length: 458771\r\nLast-Modified: Tue, 11 May 2021 11:49:00 GMT\r\nConnection: keep-alive\r\nETag: \"609a6f2c-70013\"\r\nExpires: Fri, 12 Dec 2025 07:52:20 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":458771,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1000 x 300","md5":"70f984740f0767b3a77491391f9fd051","sha1":"315ee281e1f8d78a98c9495ae21a85620f52365e","sha256":"8ca0d1746eea53fd71559c3903ea72e3c7020cbd546667c32511257fdc53dff6","sha512":"6a3c8cd2ceca01d278bc2affca199747c7c1c2318ac74f67bfbfed3027c9fec60102c513c1460edef51b9e6d0d0c4dcea3ade2b62c66f9b9a22960fab7769c59","ssdeep":"12288:LKGXVMvoygGLsJBQQNIqwVYHLMuJNEJnSftlyTAUozFb:hXWVhkFweLMuqSVI36","tlshash":"9ea42312575a395c0ab3a8e35c26ff8b4d35a1962322f03aa30fe57fd4404e794b6763","first_seen":"2023-10-31T02:49:06Z","last_seen":"2026-04-05T04:58:55.065613Z","times_seen":1481,"resource_available":false,"data":null}},"time_used":3592,"timings":{"blocked":1773,"dns":0,"connect":0,"send":0,"wait":297,"receive":1522,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img67.chem17.com/gxhpic_dea7ae3c8e/4b8cd55bb9473d45f8f346183a41632b54fcf2dadc697e60db02b8cec17940cb3a5690bc615e3570_500_500_5.png","fqdn":"img67.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"120.39.165.50","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.315Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/4b8cd55bb9473d45f8f346183a41632b54fcf2dadc697e60db02b8cec17940cb3a5690bc615e3570_500_500_5.png HTTP/1.1\r\nHost: img67.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img67.chem17.com/gxhpic_dea7ae3c8e/4b8cd55bb9473d45f8f346183a41632b54fcf2dadc697e60db02b8cec17940cb3a5690bc615e3570_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 75ce73f867e5d66b5bee3a7d0ecace60\r\nvia: CHN-FJxiamen-CT16-CACHE7[11]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2572,"timings":{"blocked":2020,"dns":2,"connect":269,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/fonts/impact.ttf","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.464Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/fonts/impact.ttf HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4085,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (835)","md5":"8f772a569d864cc6c661ab8c97513a1b","sha1":"54775dcfcbf1bfb899d2271d2427b2e818b007ed","sha256":"9cbf0e111939c648a37951f156dde2a0814de33e34c16e2cb48fbd3ed593be68","sha512":"040b2aff0c8e2564336bd9d30d4c2c54bc0c6c41409e3018d8251ead49e335d13e56a86d84dc6e2ca47895e9dea088b3f5e4ac1aed4c628317f2724bd6b17a13","ssdeep":"","tlshash":"a481f720a5d7213eb23380e26867b54cb091856bda019b34d1febee2cf476ce6433500","first_seen":"2025-11-12T07:51:19.480992Z","last_seen":"2025-11-12T07:52:48.714761Z","times_seen":2,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":334,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img59.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693cd9188b526dc454d383475b9c850287f0f1edfe1f38b08ed4_500_500_5.png","fqdn":"img59.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.991Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693cd9188b526dc454d383475b9c850287f0f1edfe1f38b08ed4_500_500_5.png HTTP/1.1\r\nHost: img59.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":156,"dns":1,"connect":276,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img78.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcbd72d4bc13a2ddc0472102af1a97d9191aea826804a67e1f_500_500_5.png","fqdn":"img78.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.995Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcbd72d4bc13a2ddc0472102af1a97d9191aea826804a67e1f_500_500_5.png HTTP/1.1\r\nHost: img78.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":190,"dns":1,"connect":279,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img77.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc7821da627449600c21923c024b54bf7e4d1d2a1bd4506b68_500_500_5.png","fqdn":"img77.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.12.77.90","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.322Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc7821da627449600c21923c024b54bf7e4d1d2a1bd4506b68_500_500_5.png HTTP/1.1\r\nHost: img77.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img77.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc7821da627449600c21923c024b54bf7e4d1d2a1bd4506b68_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 69cd2f5021f120bf73043f4e18bf63b1\r\nvia: CHN-HEshijiazhuang-AREACUCC11-CACHE34[8]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2586,"timings":{"blocked":2013,"dns":2,"connect":281,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/hengf.jpg","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.325Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/hengf.jpg HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/hengf.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25845,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2221,"timings":{"blocked":2010,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img75.chem17.com/gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bc099c89ed50101637324b401f103c01a3499e12216cc8d35d_500_500_5.png","fqdn":"img75.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.970Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bc099c89ed50101637324b401f103c01a3499e12216cc8d35d_500_500_5.png HTTP/1.1\r\nHost: img75.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":103,"dns":1,"connect":269,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img79.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3ad5f82feda94ece71fc29429c62a8632b2d1e878606b32b_500_500_5.png","fqdn":"img79.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.983Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3ad5f82feda94ece71fc29429c62a8632b2d1e878606b32b_500_500_5.png HTTP/1.1\r\nHost: img79.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":114,"dns":0,"connect":327,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/arrows1.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.432Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/arrows1.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 1360\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0f81033f6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.182\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache24.l2cn8786[22,21,200-0,M], cache1.l2cn8786[23,0], kunlun9.cn6425[44,43,200-0,M], kunlun6.cn6425[46,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01017629339385401327e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"ca18c3400f1ccb39f1b891a315f9a2b8","sha1":"ca6c69282f82f17db11a115bc1428308b30320e5","sha256":"a799ce0e4e9e26454e8950dabef8eb6725bfb96afd5ac732bbefe9395168d684","sha512":"353ee8aa7765a7d8194f9997950a7be2ec716f1a592d96c887949f6251f066126b2868ffee43f31867c74d5799c989e95281d8378f91a987d3adecf058c32cd4","ssdeep":"","tlshash":"842141defd74d881d5a5a49135f72517e8560e4082e0ac477d8bd012483b0e1b97d1ce","first_seen":"2023-07-08T23:43:21Z","last_seen":"2026-03-22T12:26:17.032611Z","times_seen":133,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":278,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41636,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.724233+0000\",\"flow_id\":974621439570920,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41636,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/arrows1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":614,\"bytes_toclient\":2339,\"start\":\"2025-11-12T07:52:18.144360+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/arrows2.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.433Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/arrows2.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 1362\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:04 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0f81033f6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.182\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: ens-cache56.l2cn7147[56,55,200-0,M], ens-cache39.l2cn7147[57,0], kunlun2.cn6425[82,82,200-0,M], kunlun8.cn6425[85,0]\r\nAli-Swift-Global-Savetime: 1762933939\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:19 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01217629339392957123e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":1362,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"ec451b748d47a1b45901f49f273710aa","sha1":"4d4354b46e0370c57488fbac3492628411cb6cb9","sha256":"b80ab4ab02d0ebc35df5557233eae0f55c565c1a516c8a9541c99ddd70ee63d7","sha512":"ea551f7fafc0b9e128cdb969746386e91c13554293d1887c7dae7cf066747dd53c67a72f4dd76720672f3e0afc777bf941d72805fcb3f3d86ae54f9383041b6b","ssdeep":"","tlshash":"f421502af9b064806798649228efe0a28b270a84c5e0e5d1fdcfd12b88714f4b4086db","first_seen":"2023-07-08T23:43:21Z","last_seen":"2026-03-22T12:26:17.043998Z","times_seen":133,"resource_available":false,"data":null}},"time_used":1093,"timings":{"blocked":736,"dns":0,"connect":0,"send":0,"wait":356,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:30Z","timestamp":1762933950,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:30.827511+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":3,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/arrows2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1362},\"files\":[{\"filename\":\"/Skins/329529/images/arrows2.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":1362,\"tx_id\":3}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":21,\"pkts_toclient\":22,\"bytes_toserver\":2664,\"bytes_toclient\":19664,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.zgungames.com/","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-12T07:52:14.402Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":161,"timings":{"blocked":161,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc4ee852b7f04baa6084d5dffde89ac05df4a07e4a4246fe82_500_500_5.png","fqdn":"img76.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.11.1.241","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.323Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc4ee852b7f04baa6084d5dffde89ac05df4a07e4a4246fe82_500_500_5.png HTTP/1.1\r\nHost: img76.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc4ee852b7f04baa6084d5dffde89ac05df4a07e4a4246fe82_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 66207b09087f22aa28a1213c62229875\r\nvia: CHN-HEshijiazhuang-AREACUCC12-CACHE25[6]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2524,"timings":{"blocked":2013,"dns":1,"connect":251,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/flbtbg1.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.425Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/flbtbg1.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/flbtbg1.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8691,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":500,"timings":{"blocked":309,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img49.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901aa48a7bd0704243cb8624ca10ead2b9e087effc004194fa0_500_500_5.png","fqdn":"img49.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.937Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901aa48a7bd0704243cb8624ca10ead2b9e087effc004194fa0_500_500_5.png HTTP/1.1\r\nHost: img49.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":98,"dns":1,"connect":266,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/kefu.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.030Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/kefu.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 14606\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"08dcb3df6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.178\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache22.l2ea120-8[17,16,200-0,M], cache19.l2ea120-8[17,0], kunlun5.cn6425[28,27,200-0,M], kunlun7.cn6425[29,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01117629339386141132e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":14606,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"16658b683d9a02bebe05eb5cde7a0777","sha1":"6adff7842cd7dd643d3586ef4ba951035f6026a7","sha256":"b4879663ffec007ad7e56832c8463ee3a0cfaaec037516fbc4c84ce58155fdda","sha512":"936028030ec1ad0950b85fb4a9a20718e32f7a12f11744301c0216fa38741470fb9f3e76c6eea44b1e8889c17aeec4b049f90ce32b0f6dda8e9fec7fe0756c15","ssdeep":"384:QaDnEBgLk55MB6VzHFS5nRSllkWvmMZ64iIJW1sP/RA:VDEw6BeAlkW64LAqPi","tlshash":"2662af41fd230844834aee00a5cdd297ab17138ddbd1e1456ac6c8276f326fd8c5ee9a","first_seen":"2025-07-14T20:47:05.299597Z","last_seen":"2026-01-26T20:16:24.705594Z","times_seen":12,"resource_available":false,"data":null}},"time_used":772,"timings":{"blocked":492,"dns":0,"connect":0,"send":0,"wait":269,"receive":11,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41604,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.790065+0000\",\"flow_id\":593105937114079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41604,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/kefu.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":611,\"bytes_toclient\":2443,\"start\":\"2025-11-12T07:52:18.140255+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img48.chem17.com/gxhpic_dea7ae3c8e/88c648add642a1ec3a7769a45efc5b7a5589ace7388edf9ca14c278e51847350b1661161494991a2_500_500_5.png","fqdn":"img48.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.12.77.90","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.298Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/88c648add642a1ec3a7769a45efc5b7a5589ace7388edf9ca14c278e51847350b1661161494991a2_500_500_5.png HTTP/1.1\r\nHost: img48.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img48.chem17.com/gxhpic_dea7ae3c8e/88c648add642a1ec3a7769a45efc5b7a5589ace7388edf9ca14c278e51847350b1661161494991a2_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 76bb660d40e47a0a515cbeac15e7b113\r\nvia: CHN-HEshijiazhuang-AREACUCC11-CACHE37[9]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2659,"timings":{"blocked":2037,"dns":2,"connect":305,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/flbtbg2.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.977Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/flbtbg2.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 6513\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:17 GMT\r\nAccept-Ranges: bytes\r\nETag: \"809cd03af6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.178\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache11.l2cn8813[16,16,200-0,M], cache39.l2cn8813[17,0], kunlun4.cn6425[36,36,200-0,M], kunlun9.cn6425[37,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01317629339386308487e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":6513,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 119 x 179, 8-bit/color RGBA, non-interlaced","md5":"102ddad9d6e5308044e5fb01afdcf994","sha1":"325342b21806f92d5c495190ee4e7cd0aab0d1cf","sha256":"dcfa4a4b2ebab065e025dd556103ca6817893108bd661f2a0621abefdfc163fe","sha512":"c8e81702089898407cbc2a606700af50708d3e9648956ffb509cdcc1d385f01e52d0e19c7b4f48fb9428ec2eb6be25addb38ec4aec382dc89a9be24ad8b922e0","ssdeep":"192:ZS87F8knEbsigoFp1BSg73JmB3UyA1n2ri/p5a7o+:A8NnEAfoFp1BLC3UFMriH5+","tlshash":"dfd18d0def926a2017dcad95fa99808316771f8092c370c02ccedc4628a44fbc91d6c6","first_seen":"2025-03-09T15:25:07.23129Z","last_seen":"2026-03-20T10:57:50.309523Z","times_seen":26,"resource_available":false,"data":null}},"time_used":841,"timings":{"blocked":533,"dns":0,"connect":0,"send":0,"wait":301,"receive":7,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.815013+0000\",\"flow_id\":12520847941992,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41596,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/flbtbg2.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/flbtbg2.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":22,\"bytes_toserver\":1853,\"bytes_toclient\":24355,\"start\":\"2025-11-12T07:52:17.893288+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/jquery.la.min.js","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.583Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.la.min.js HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 17 Oct 2025 05:07:58 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"68f1cf2e-4c5\"\r\nExpires: Wed, 12 Nov 2025 08:52:18 GMT\r\nCache-Control: max-age=3600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1221,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (554)","md5":"d4b51ffe15958a81d90c7f2592705833","sha1":"9db4ffd50a1eadc66c4b3951295a3b30ba12a1b8","sha256":"46c1249793ab6f6b168aa586914a0da1c8617db8ef60404d7c98f6ed44be4c03","sha512":"fa499d8c313659800fe7aee0e2e096cb43bd1bf194ea93703b9c9bd86e82707000c40cd065139faa82f2c359e187e9d1dee87249b08e14927b9d2e4f56155e6f","ssdeep":"","tlshash":"3d21c15ffc15e2245b55287633bbedace9ae44319009d80769eec06c7d25ff94511a0c","first_seen":"2024-06-10T06:46:45Z","last_seen":"2026-03-29T21:47:46.905257Z","times_seen":29,"resource_available":true,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:19.080Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 332\r\nOrigin: http://www.zgungames.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://www.zgungames.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nEO-LOG-UUID: 11959739620830148469\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":356,"timings":{"blocked":47,"dns":18,"connect":24,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.zhanzhang.baidu.com/push.js","fqdn":"push.zhanzhang.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"182.61.201.93","port":80,"asn":38365,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.782Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /push.js HTTP/1.1\r\nHost: push.zhanzhang.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nContent-Length: 232\r\nContent-Type: text/javascript\r\nServer: bfe\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":281,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"1bb5a3267c9865ad4abe8d937734b62b","sha1":"b5478dd2edb3e64242eced1db2dbd945ef81f592","sha256":"674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2","sha512":"33318ed944a49a8fa334983408d68853b1fbe4f80b19adef6235f23d7708b616cd4f8dd28c8b8ebfbb5776aab8088229f3060cd789af34fe1db5038a98bd0d39","ssdeep":"","tlshash":"91d02be874a0c41c0ce710b17fab328cfab20b2755244d40c05b90013614b1f824bfe9","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-05T07:15:15.461149Z","times_seen":20923,"resource_available":true,"data":null}},"time_used":483,"timings":{"blocked":0,"dns":14,"connect":234,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img78.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bce9bacc313b8cace85dd51de44fb25be7c7ba60b40e774e1a_500_500_5.png","fqdn":"img78.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.132Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bce9bacc313b8cace85dd51de44fb25be7c7ba60b40e774e1a_500_500_5.png HTTP/1.1\r\nHost: img78.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":228,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/css/style.css","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.283Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/css/style.css HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:15 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":146956,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (398)","md5":"2253f253e8c78f826ca1b2373489fdf0","sha1":"d1d32eb32257c7ddf5cd80066e236028ebf5b01f","sha256":"dc87e03b0e05a18e1707496dcc4de7804cfda0583d76c9e3b46d13f7f9d28418","sha512":"929f49c9c7c6b0b843f87174d5dfef131d617ce72e0b71485fe0abe39503835076f4f651ed9f69a56b1b679df85214e656722d40bf983a9bd90b9af0428df79c","ssdeep":"1536:Fb1V9lcdacp3lS7afBk/b+Dqz0Z7cAD9+IKTFHscQe1P8DPwWwWV6fejZepLvZq8:X481","tlshash":"a9e35331ef41224de13b9636bf82a7dd33298557a3810afc9e947a34d1cf1ea45f2690","first_seen":"2025-11-12T07:51:19.522969Z","last_seen":"2025-11-12T07:52:48.720656Z","times_seen":2,"resource_available":false,"data":null}},"time_used":635,"timings":{"blocked":131,"dns":1,"connect":158,"send":0,"wait":185,"receive":159,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img67.chem17.com/gxhpic_dea7ae3c8e/4b8cd55bb9473d45f8f346183a41632b54fcf2dadc697e60db02b8cec17940cb3a5690bc615e3570_500_500_5.png","fqdn":"img67.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.972Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/4b8cd55bb9473d45f8f346183a41632b54fcf2dadc697e60db02b8cec17940cb3a5690bc615e3570_500_500_5.png HTTP/1.1\r\nHost: img67.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":113,"dns":1,"connect":262,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"public.mtnets.com/public/js/swiper.min.js","fqdn":"public.mtnets.com","domain":"mtnets.com","tld":"com"},"ip":{"addr":"218.11.0.74","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.288Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /public/js/swiper.min.js HTTP/1.1\r\nHost: public.mtnets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:16 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://public.mtnets.com/public/js/swiper.min.js\r\nX-CCDN-REQ-ID-46B1: 389c6aea779c783d105b057b542acc71\r\nvia: CHN-HEshijiazhuang-AREACUCC8-CACHE21[0]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96151,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1851,"timings":{"blocked":782,"dns":566,"connect":251,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img54.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c705a02011e6462d023c363cedc4a45089a0f56ff1c88b29e_500_500_5.png","fqdn":"img54.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.11.1.241","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.309Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c705a02011e6462d023c363cedc4a45089a0f56ff1c88b29e_500_500_5.png HTTP/1.1\r\nHost: img54.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img54.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c705a02011e6462d023c363cedc4a45089a0f56ff1c88b29e_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 349c250723c6b62a1cccd31441ffeb6f\r\nvia: CHN-HEshijiazhuang-AREACUCC12-CACHE30[5]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2623,"timings":{"blocked":2027,"dns":1,"connect":295,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img70.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b2d0fb910a9e2ff1c74b0b15edc7fdb80ab71eb3f4a0b6c61_500_500_5.jpg","fqdn":"img70.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"116.153.39.128","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.312Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b2d0fb910a9e2ff1c74b0b15edc7fdb80ab71eb3f4a0b6c61_500_500_5.jpg HTTP/1.1\r\nHost: img70.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img70.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b2d0fb910a9e2ff1c74b0b15edc7fdb80ab71eb3f4a0b6c61_500_500_5.jpg\r\nX-CCDN-REQ-ID-46B1: 524704b772a09ec004ea47485cab7690\r\nvia: CHN-JXnanchang-AREACUCC1-CACHE66[7]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2561,"timings":{"blocked":2023,"dns":2,"connect":264,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/arrows2.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.401Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/arrows2.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/arrows2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1362,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1023,"timings":{"blocked":790,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/9ac8ygliapz5ww4p3uuacykkfhn6am4w6t6hqand.png","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 11:36:35 GMT","end":"Thu, 18 Dec 2025 11:36:34 GMT"},"fingerprint":{"sha1":"42:AC:AC:86:E9:93:0A:FB:BB:4F:2F:69:BC:50:70:0F:13:C8:7F:16","sha256":"D3:F9:F5:85:00:77:6D:E5:3F:0F:A3:CE:E1:E2:AB:55:75:E8:94:D2:40:56:DB:DC:40:D7:30:17:9F:4C:39:3C"}}},"request":{"raw":"GET /uploads/9ac8ygliapz5ww4p3uuacykkfhn6am4w6t6hqand.png HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nContent-Type: image/png\r\nContent-Length: 178073\r\nLast-Modified: Fri, 14 Jun 2024 06:35:05 GMT\r\nConnection: keep-alive\r\nETag: \"666be499-2b799\"\r\nExpires: Fri, 12 Dec 2025 07:52:19 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":178073,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1000 x 200","md5":"f10b57811b5cbd80cc2adb677fcbe3e2","sha1":"9c566090638bacef4fb11e5ce3798f6162f52770","sha256":"f4d197904303977c5b8764801ab45de427c7ea38e212e9e158aff5b3bdad6473","sha512":"f3665bcd909bba365acb53d64a6e95d2e1212eaf4f1f8a31419611e1d9a839366f058b9014caa35a429e8492643d49ea7937afce230f8fae1846317ab0a92893","ssdeep":"3072:kmOFOk0AYABeHXNScStRzJmQ3aNIYlmwLs6CLWBOcV8u2OPvr8qFw8Y79C6vaQgL:1AboHXNXStRzAUauwLaLWBOW7hw8elGV","tlshash":"4c0412697de7e838c12bd8d7c2cc57984810cc7c929d4023a6a74d406a77af2ce8d7ca","first_seen":"2024-02-16T22:50:56Z","last_seen":"2026-04-05T04:58:55.070565Z","times_seen":829,"resource_available":false,"data":null}},"time_used":2112,"timings":{"blocked":-1,"dns":1,"connect":296,"send":0,"wait":591,"receive":623,"ssl":601},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img75.chem17.com/gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bc099c89ed50101637324b401f103c01a3499e12216cc8d35d_500_500_5.png","fqdn":"img75.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"106.8.246.201","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.316Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bc099c89ed50101637324b401f103c01a3499e12216cc8d35d_500_500_5.png HTTP/1.1\r\nHost: img75.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img75.chem17.com/gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bc099c89ed50101637324b401f103c01a3499e12216cc8d35d_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 6a8d6fad451e43ef2ffe66d43ad010b5\r\nvia: CHN-HEcangzhou-AREACT3-CACHE56[13]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2567,"timings":{"blocked":2019,"dns":2,"connect":266,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img78.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bce9bacc313b8cace85dd51de44fb25be7c7ba60b40e774e1a_500_500_5.png","fqdn":"img78.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"106.8.246.201","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.319Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bce9bacc313b8cace85dd51de44fb25be7c7ba60b40e774e1a_500_500_5.png HTTP/1.1\r\nHost: img78.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img78.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bce9bacc313b8cace85dd51de44fb25be7c7ba60b40e774e1a_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 0461a21e0290b76d2c8fb7384dbecf88\r\nvia: CHN-HEcangzhou-AREACT3-CACHE20[3]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2805,"timings":{"blocked":2016,"dns":2,"connect":518,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/footli3.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.438Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/footli3.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/footli3.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":2636,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":822,"timings":{"blocked":639,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/hengf.jpg","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.910Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/hengf.jpg HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 65600\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:19 GMT\r\nAccept-Ranges: bytes\r\nETag: \"80c913cf6a0da1:0\"\r\nX-Powered-By: ASP.NET-114.4.178\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache28.l2cn8813[28,27,200-0,M], cache35.l2cn8813[29,0], kunlun4.cn6425[46,45,200-0,M], kunlun2.cn6425[47,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c00c17629339383025013e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":25845,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x243, components 3","md5":"1214932e97077c53d0c927bd55b9502b","sha1":"d6b0c45b92e1ffcf37e1e42259adf2e686adea27","sha256":"9b3da44709ad5dc11806f5bc32cfd4708d691c1f7f250ab1bd2c03bf1765814c","sha512":"71d9ec452e7e62542fbf7d661e4b1d61a6af406289b392e5b9567f852203f874c9246aa810e9492c01f84090c4aab8a72c945f862575c90b38a418fb4275cb03","ssdeep":"768:rAsrwzB3DPz+ukp1Fn3Tvn+Pee8z+dGnJXdA4GR:lrYB3Dr+u+19Dv+Pee8wyy","tlshash":"03c2e07fb7821521910fa7b024e2353349a095f39fd44fcad8f96846ea18261c19f7f6","first_seen":"2025-11-12T07:52:48.722422Z","last_seen":"2025-11-12T07:52:48.722422Z","times_seen":1,"resource_available":false,"data":null}},"time_used":627,"timings":{"blocked":-1,"dns":1,"connect":280,"send":0,"wait":329,"receive":17,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41588,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.500631+0000\",\"flow_id\":1993441369234031,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41588,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/hengf.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":5,\"bytes_toserver\":666,\"bytes_toclient\":2508,\"start\":\"2025-11-12T07:52:17.891503+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img70.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bf7bbd6a0402c0a01d1c1c6677ba385f58ac1d09510b39057_500_500_5.jpg","fqdn":"img70.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.968Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bf7bbd6a0402c0a01d1c1c6677ba385f58ac1d09510b39057_500_500_5.jpg HTTP/1.1\r\nHost: img70.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":93,"dns":0,"connect":279,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img70.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bf7bbd6a0402c0a01d1c1c6677ba385f58ac1d09510b39057_500_500_5.jpg","fqdn":"img70.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"116.153.39.128","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.314Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bf7bbd6a0402c0a01d1c1c6677ba385f58ac1d09510b39057_500_500_5.jpg HTTP/1.1\r\nHost: img70.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img70.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8bf7bbd6a0402c0a01d1c1c6677ba385f58ac1d09510b39057_500_500_5.jpg\r\nX-CCDN-REQ-ID-46B1: 01e94ae1190ab4db72fed70a091f7c81\r\nvia: CHN-JXnanchang-AREACUCC1-CACHE16[10]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2568,"timings":{"blocked":2021,"dns":2,"connect":264,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/067/ade/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fcl.xueyuxingfeng.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Sep 2025 11:34:45 GMT","end":"Wed, 17 Dec 2025 11:34:44 GMT"},"fingerprint":{"sha1":"3B:EB:69:43:26:9B:29:D0:20:6D:C6:E8:E8:EC:EC:A8:49:1C:87:11","sha256":"59:54:B2:CF:7D:5E:9A:65:64:A7:4D:DC:18:B7:54:44:5A:32:E7:9B:95:F3:1C:56:3F:70:F1:FB:23:53:25:C3"}}},"request":{"raw":"GET /067/ade/sj.js HTTP/1.1\r\nHost: fcl.xueyuxingfeng.com:6987\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:16 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Fri, 13 Dec 2024 04:59:05 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"675bbf19-d26\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3366,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"fa19716607c7d8137d9cfbe623dba7cb","sha1":"e46242940c345610d692c2b1ce8fe9c1152aa46c","sha256":"cc9193fc7e8e2722b308b5de9881b0442e21363e33b296824381d574816bae16","sha512":"391ff0cdc99fdcfb81af8a0a72425b9e178309d74d5ec96642dbfc1fdd98be8529260af73ac6896dd45266adde8cfcfa96083e4c94a10ef1a3e593de0915d60b","ssdeep":"","tlshash":"4b611f54ef8d20338e133155ae6f958c24be68577d48eca7f84c64d44fa0d38852beac","first_seen":"2024-12-18T10:35:23.532443Z","last_seen":"2026-04-04T22:13:19.170087Z","times_seen":212,"resource_available":true,"data":null}},"time_used":2784,"timings":{"blocked":1253,"dns":419,"connect":275,"send":0,"wait":276,"receive":1,"ssl":557},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/kefu-tb.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.440Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/kefu-tb.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/kefu-tb.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":20057,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":580,"timings":{"blocked":395,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/banner2.jpg","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.296Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/banner2.jpg HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/banner2.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2250,"timings":{"blocked":2039,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/flbtbg2.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.427Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/flbtbg2.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/flbtbg2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6513,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":461,"timings":{"blocked":276,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/mulu0.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.032Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/mulu0.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 1915\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:25 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8050953ff6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.180\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache51.l2cn8786[27,26,200-0,M], cache90.l2cn8786[29,0], kunlun1.cn6425[44,43,200-0,M], kunlun5.cn6425[47,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c00f17629339386223007e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":1915,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced","md5":"ecc7e1803e00fdc502b6f6f63b0fec66","sha1":"c32a08ee6da27babe92dc9de6f0ac671a818e53e","sha256":"f2b4c3f3506100ef8674d52bf491f97e426668d72c0d921ed5cef821f14611c2","sha512":"1c34d93e65bf77ae3ff4f1bc7ea9b6fc4c312b50a3da3b3606509abc01f58ef1703fe0cca9e3c7afd4f2e14a2da897ecf49f7da1dfa7af4d3ebfb4ee18e11f4f","ssdeep":"","tlshash":"2a41848af910bc51584df946bdfba2572b375be186d26811bcca884324b20f9cc0d4da","first_seen":"2025-03-09T15:25:07.224556Z","last_seen":"2026-03-20T10:57:50.327111Z","times_seen":26,"resource_available":false,"data":null}},"time_used":783,"timings":{"blocked":490,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41610,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.061764+0000\",\"flow_id\":1434011141548065,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41610,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/mulu0.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1915},\"files\":[{\"filename\":\"/Skins/329529/images/mulu0.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":1915,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":6,\"bytes_toserver\":1162,\"bytes_toclient\":3004,\"start\":\"2025-11-12T07:52:18.141345+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"api.share.baidu.com/s.gif?l=http://www.zgungames.com/","fqdn":"api.share.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.275Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /s.gif?l=http://www.zgungames.com/ HTTP/1.1\r\nHost: api.share.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:19.125Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 330\r\nOrigin: http://www.zgungames.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://www.zgungames.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nEO-LOG-UUID: 8969110593186029245\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":24,"dns":1,"connect":20,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3bfff82b6b1246b4fd401f83b7f725e22eab8ef35730c069_500_500_5.png","fqdn":"img76.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.11.1.241","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.318Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3bfff82b6b1246b4fd401f83b7f725e22eab8ef35730c069_500_500_5.png HTTP/1.1\r\nHost: img76.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3bfff82b6b1246b4fd401f83b7f725e22eab8ef35730c069_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 63892a5c7f4660f9071d8d0b2b4f7ca6\r\nvia: CHN-HEshijiazhuang-AREACUCC12-CACHE19[2]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2622,"timings":{"blocked":2018,"dns":1,"connect":299,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img54.chem17.com/gxhpic_dea7ae3c8e/73772409919cd492e186b85c10773c6ed3b5384701f72c2b3f0396220b7b78eaca1b85d74ba52bff_500_500_5.png","fqdn":"img54.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.011Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/73772409919cd492e186b85c10773c6ed3b5384701f72c2b3f0396220b7b78eaca1b85d74ba52bff_500_500_5.png HTTP/1.1\r\nHost: img54.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":201,"timings":{"blocked":200,"dns":1,"connect":237,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/indnew_bg.jpg","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.131Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/indnew_bg.jpg HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/jpeg\r\nContent-Length: 108281\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:19 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:22 GMT\r\nAccept-Ranges: bytes\r\nETag: \"08dcb3df6a0da1:0\"\r\nX-Powered-By: ASP.NET-114.4.178\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache38.l2ea120-8[85,84,200-0,M], cache18.l2ea120-8[86,0], kunlun1.cn6425[95,95,200-0,M], kunlun9.cn6425[98,0]\r\nAli-Swift-Global-Savetime: 1762933939\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:19 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01317629339389361046e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":108281,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1000, components 3","md5":"96f0c31c06171e79f85eef31c2cb7164","sha1":"56720360680ea1c34854b391810c1d26b3376f22","sha256":"f5b0b25d9c674106c99c9b3a525eeeb54b99aa54fdfa8c40236f7bc38c9033a2","sha512":"a49fcfa65a38143a76fb502535cfcb2246b4e7e1a3eda80eee44b0fafd9e1c1042546d815e8cd4491905d58e84ff93494ba087eca2e5ccda3d7a300e0650d319","ssdeep":"3072:N0o1FdMTq7K2r/y9TtGZAPuaU4H1hZkE2:NZwwFy9TtGZRaX1hZe","tlshash":"78b3128b0f63484bcf100a379c5beb13f768d8ea396b051994d6a92b0573538ae2d5f1","first_seen":"2025-03-09T15:25:07.243169Z","last_seen":"2026-03-20T10:57:50.322935Z","times_seen":22,"resource_available":false,"data":null}},"time_used":1574,"timings":{"blocked":688,"dns":0,"connect":0,"send":0,"wait":358,"receive":528,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.180994+0000\",\"flow_id\":12520847941992,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41596,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/indnew_bg.jpg\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/jpeg\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/indnew_bg.jpg\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":24,\"pkts_toclient\":29,\"bytes_toserver\":2449,\"bytes_toclient\":32003,\"start\":\"2025-11-12T07:52:17.893288+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img54.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c3b001a18e060966f73db6581c56330684661421b4b8d9bee_500_500_5.png","fqdn":"img54.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.11.1.241","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.310Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c3b001a18e060966f73db6581c56330684661421b4b8d9bee_500_500_5.png HTTP/1.1\r\nHost: img54.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img54.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c3b001a18e060966f73db6581c56330684661421b4b8d9bee_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 45d049d36e853291044a867515f2fca4\r\nvia: CHN-HEshijiazhuang-AREACUCC12-CACHE25[1]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2586,"timings":{"blocked":2026,"dns":1,"connect":278,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img79.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3ad5f82feda94ece71fc29429c62a8632b2d1e878606b32b_500_500_5.png","fqdn":"img79.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"106.225.240.24","port":80,"asn":134238,"as":"CHINANET Jiangx province IDC network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.324Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3ad5f82feda94ece71fc29429c62a8632b2d1e878606b32b_500_500_5.png HTTP/1.1\r\nHost: img79.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img79.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc3ad5f82feda94ece71fc29429c62a8632b2d1e878606b32b_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 12d3dcf03b8e0eee2f7b00c73db11f92\r\nvia: CHN-JXnanchang-CT10-CACHE13[3]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2568,"timings":{"blocked":2011,"dns":1,"connect":276,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img54.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c3b001a18e060966f73db6581c56330684661421b4b8d9bee_500_500_5.png","fqdn":"img54.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.988Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c3b001a18e060966f73db6581c56330684661421b4b8d9bee_500_500_5.png HTTP/1.1\r\nHost: img54.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":135,"dns":1,"connect":299,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/flbtbg1.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.999Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/flbtbg1.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 8691\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:17 GMT\r\nAccept-Ranges: bytes\r\nETag: \"809cd03af6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.178\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache35.l2cn8786[42,41,200-0,M], cache86.l2cn8786[44,0], kunlun2.cn6425[59,59,200-0,M], kunlun8.cn6425[61,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01217629339386486026e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":8691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 89 x 165, 8-bit/color RGBA, non-interlaced","md5":"3cece6dd8e07bd31d6eaf22b0bbbea77","sha1":"8abbe997fb0eb2b83919d569087af5750d4a1a65","sha256":"7f622ddebc9d52e35bdc347ec3c5bb1585f74469719c71cf227cc2266a3b6895","sha512":"63a1d9043818e0d61b647e8520d8e00796ec48dd98bb4e8924e24d4aa760a96a732e63c4fbe1b8c657e3aa19fa2aa4b2ac3a39f139a449a77560e01c68d0e286","ssdeep":"192:VSr7F8knErDDig0Cg97CBk/XfjTgiuf+6I63q/Exnix2ZEaO:0rNnEbf0Cs7ES7TgBftq/Ec8eaO","tlshash":"8c028d08efe0281489ced9b6bdfdd59b26335a80d6e28000fccd8c0634551b9d55ebdb","first_seen":"2025-03-09T15:25:07.219889Z","last_seen":"2026-03-20T10:57:50.297275Z","times_seen":26,"resource_available":false,"data":null}},"time_used":865,"timings":{"blocked":523,"dns":0,"connect":0,"send":0,"wait":333,"receive":9,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41578,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.857377+0000\",\"flow_id\":289853328692448,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41578,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/flbtbg1.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2167},\"files\":[{\"filename\":\"/Skins/329529/images/flbtbg1.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2167,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":10,\"bytes_toserver\":1314,\"bytes_toclient\":8335,\"start\":\"2025-11-12T07:52:17.890080+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"public.mtnets.com/public/js/swiper.min.js","fqdn":"public.mtnets.com","domain":"mtnets.com","tld":"com"},"ip":{"addr":"218.11.0.74","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:16.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.mtnets.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 05 Sep 2025 03:48:46 GMT","end":"Mon, 05 Oct 2026 03:48:45 GMT"},"fingerprint":{"sha1":"17:7D:9B:7D:77:E5:75:95:47:DB:97:C3:AB:B8:D0:E9:74:B6:07:84","sha256":"76:5C:C6:79:DF:08:A6:CD:BB:8D:53:C9:B4:57:D8:93:F6:E7:6A:58:6B:73:54:DB:67:7E:12:CE:5D:29:0A:D3"}}},"request":{"raw":"GET /public/js/swiper.min.js HTTP/1.1\r\nHost: public.mtnets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: openresty\r\nLast-Modified: Wed, 19 Apr 2023 08:15:06 GMT\r\nETag: W/\"5a9ba0c9772d91:0\"\r\nX-Powered-By: ASP.NET-4.95\r\nAccess-Control-Allow-Origin: *\r\nX-CCDN-Expires: 2069563\r\nvia: CHN-HEshijiazhuang-AREACUCC8-CACHE4[2],CHN-HEshijiazhuang-AREACUCC8-CACHE23[0,TCP_HIT,2],CHN-TJ-GLOBAL6-CACHE106[6],CHN-TJ-GLOBAL6-CACHE81[0,TCP_HIT,4]\r\nx-hcs-proxy-type: 1\r\nX-CCDN-CacheTTL: 2592000\r\nX-CCDN-REQ-ID-46B1: 53f0f9443a02d9887924f75d2c95a6be\r\nnginx-hit: 1\r\nAge: 522437\r\nStrict-Transport-Security: max-age=31622400; includeSubDomains\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":96151,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31999), with CRLF line terminators","md5":"75cc62321aac40e60cd42f4c5f6e22f1","sha1":"b1340194dc7dc3b81a650f85ab73052a3c18e671","sha256":"fd00f2f93eac8a4c8d786bc02e59cdce2cb6eafef6b8d7ec7ed1d0c6e9f8cb2a","sha512":"9c8dfade81f1309f78badfb276a73ea5527198df7d9193f9c298fd55e55bcd4cfcd61a02c1ea8a8b26e1a008a9d4129b012e947b0e187f7d5ef326eaa0f176f6","ssdeep":"1536:UyOkN3TklR3ZIFDG+Y7n2L5ydUTv0tSQfCBTa:hT673uTv0","tlshash":"3f93d66db314f2e295d3214a675ac64122f21706b849dae870b54c4a68bcc5d03bffbd","first_seen":"2024-07-28T19:52:58Z","last_seen":"2026-04-04T22:22:39.453746Z","times_seen":195,"resource_available":true,"data":null}},"time_used":1551,"timings":{"blocked":609,"dns":1,"connect":293,"send":0,"wait":316,"receive":14,"ssl":314},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bca437d71737539b6241ca45226b830350b5b9596083fb8ac2_500_500_5.png","fqdn":"img76.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.021Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bca437d71737539b6241ca45226b830350b5b9596083fb8ac2_500_500_5.png HTTP/1.1\r\nHost: img76.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":227,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/zxbtn.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.081Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/zxbtn.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 6189\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:30 GMT\r\nAccept-Ranges: bytes\r\nETag: \"0419042f6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.179\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache1.l2cn3129[17,17,200-0,M], cache14.l2cn3129[19,0], kunlun9.cn6425[26,26,200-0,M], kunlun5.cn6425[28,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c00f17629339389163577e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":6189,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 198 x 64, 8-bit/color RGBA, non-interlaced","md5":"c1ebdc0a09701af244f9a5e63a440a09","sha1":"df8a6d61c4de4811029866d8c0fbd5f64325370c","sha256":"bb8a0c10dccde739dd02a839c0c7301f537eacb2bfea8703255afe8b3bc82704","sha512":"beba2e8bca3ad3c071126324733cb2b42078b3862bfd3564142dd0660d13faac78486d282f408305dadf9a5bc2992d937277d52c0cda9f43715f9f6bc4bcc526","ssdeep":"192:CSQ7F8knFWMICIBedJWJaStRlt1MnxS1jCHDJfX76q+yHe2:dQNnFWMIC0edJWJaSTlTMnkCN76Qe2","tlshash":"3fd14b8cbe91dc80198dbf9a389ee7e2653b1fc08ed37128fcf9540b5950175d82e58a","first_seen":"2025-03-09T15:25:07.216317Z","last_seen":"2026-03-20T10:57:50.316221Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1020,"timings":{"blocked":735,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41610,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.093114+0000\",\"flow_id\":1434011141548065,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41610,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/zxbtn.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2169},\"files\":[{\"filename\":\"/Skins/329529/images/zxbtn.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":2169,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":9,\"pkts_toclient\":9,\"bytes_toserver\":1282,\"bytes_toclient\":7546,\"start\":\"2025-11-12T07:52:18.141345+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img72.chem17.com/gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bcb7ef475b56bf42ac44be2e392a0d6c9bde487d2b95702d16_500_500_5.png","fqdn":"img72.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"218.60.101.80","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.317Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bcb7ef475b56bf42ac44be2e392a0d6c9bde487d2b95702d16_500_500_5.png HTTP/1.1\r\nHost: img72.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img72.chem17.com/gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bcb7ef475b56bf42ac44be2e392a0d6c9bde487d2b95702d16_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 154fa1cc4bca7d7e1f70e3085e271927\r\nvia: CHN-LNdalian-AREACUCC6-CACHE19[7]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2549,"timings":{"blocked":2019,"dns":1,"connect":261,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img78.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcbd72d4bc13a2ddc0472102af1a97d9191aea826804a67e1f_500_500_5.png","fqdn":"img78.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"106.8.246.201","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.323Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcbd72d4bc13a2ddc0472102af1a97d9191aea826804a67e1f_500_500_5.png HTTP/1.1\r\nHost: img78.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img78.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcbd72d4bc13a2ddc0472102af1a97d9191aea826804a67e1f_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 56b2adab2ed257a828ff239e6ab0aca8\r\nvia: CHN-HEcangzhou-AREACT3-CACHE32[13]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2586,"timings":{"blocked":2011,"dns":2,"connect":279,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img72.chem17.com/gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bcb7ef475b56bf42ac44be2e392a0d6c9bde487d2b95702d16_500_500_5.png","fqdn":"img72.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.931Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/8975028d8e14767fc4f32723ea77a0bcb7ef475b56bf42ac44be2e392a0d6c9bde487d2b95702d16_500_500_5.png HTTP/1.1\r\nHost: img72.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":78,"dns":1,"connect":293,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/kefu-tb.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.033Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/kefu-tb.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 20057\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:23 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8023643ef6a0da1:0\"\r\nX-Powered-By: ASP.NET-115.4.181\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache52.l2cn8047[30,29,200-0,M], cache58.l2cn8047[31,0], kunlun9.cn6425[56,56,200-0,M], kunlun1.cn6425[57,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c00b17629339386506179e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":20057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 352, 8-bit/color RGBA, non-interlaced","md5":"e648dfa2af5453b685eaa5bbcb2f0167","sha1":"3984283d711aa4c5e708de9897f7261b51e5189e","sha256":"b1bbda71b09c371b332cc2d35e19261f7890ffad8988cbf4b2a5785ccd390e56","sha512":"eea07a06349ca60e3ead89eeeba915af14a78be3de8e638d3fae815686bf03f942ad09d475e41531fe283b0b795d655bcca0b96905a28b74040a5999d89f60a7","ssdeep":"96:2ScSuYkEWmvo/JbTpMxNX7sc5RlDqVcH7H7Bkr/LBXPdc4XN6Zkjr7H7q:2SjJk6v22pDq6bbBk51TkZqnbq","tlshash":"3c92e82cfef2b2784a99563235c316420f774ac7e7815c80b6de8e15af60bad8c6b541","first_seen":"2024-12-01T20:37:15.574315Z","last_seen":"2026-03-02T03:23:27.650321Z","times_seen":42,"resource_available":false,"data":null}},"time_used":882,"timings":{"blocked":523,"dns":0,"connect":0,"send":0,"wait":333,"receive":26,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:18Z","timestamp":1762933938,"ip_dst":{"addr":"172.18.0.2","port":41564,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:18.891611+0000\",\"flow_id\":1538095378960021,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41564,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/kefu-tb.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1460},\"files\":[{\"filename\":\"/Skins/329529/images/kefu-tb.png\",\"sid\":[],\"gaps\":false,\"state\":\"UNKNOWN\",\"stored\":false,\"size\":1460,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":12,\"bytes_toserver\":1328,\"bytes_toclient\":11084,\"start\":\"2025-11-12T07:52:17.888469+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/iwv840mvscz87ws4p3324p7k2i4yuh.gif","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Sep 2025 11:36:35 GMT","end":"Thu, 18 Dec 2025 11:36:34 GMT"},"fingerprint":{"sha1":"42:AC:AC:86:E9:93:0A:FB:BB:4F:2F:69:BC:50:70:0F:13:C8:7F:16","sha256":"D3:F9:F5:85:00:77:6D:E5:3F:0F:A3:CE:E1:E2:AB:55:75:E8:94:D2:40:56:DB:DC:40:D7:30:17:9F:4C:39:3C"}}},"request":{"raw":"GET /uploads/iwv840mvscz87ws4p3324p7k2i4yuh.gif HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:20 GMT\r\nContent-Type: image/gif\r\nContent-Length: 156427\r\nLast-Modified: Thu, 04 Nov 2021 19:43:48 GMT\r\nConnection: keep-alive\r\nETag: \"618437f4-2630b\"\r\nExpires: Fri, 12 Dec 2025 07:52:20 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":156427,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 47, 8-bit/color RGBA, non-interlaced","md5":"0dc662bab3fb9dd17ae6f777eae62a0d","sha1":"084f96c8fe5f280844b43235d6137626b11eabf8","sha256":"1d551f0660ef7472997f772901485f85cabf9370b1ea54334dc09ad4f08301e9","sha512":"2a3341c10473717959d703be8c56ba3fa6b5979d020e162c81ef9a02c6559e4ecf5302c14261722c37d7370d05ea95cfd20191e5e92e02c25ddbd37af23f29eb","ssdeep":"3072:lHavYLzuBktXdAkB+aAXW/xMqbirMklbd0dOmvw+swTFT9orAMI:dawLzdckBWWZQrMYbd0/w+XTpbMI","tlshash":"0be31296a119c02856fe25d2145e18394a8d2064ffb30e6ee43cf8fdc1ba5a71fa0d99","first_seen":"2023-05-06T09:40:17Z","last_seen":"2026-04-05T04:58:55.06031Z","times_seen":1646,"resource_available":false,"data":null}},"time_used":2639,"timings":{"blocked":1811,"dns":0,"connect":0,"send":0,"wait":290,"receive":538,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/indnew_bg.jpg","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.434Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/indnew_bg.jpg HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/indnew_bg.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":108281,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":688,"timings":{"blocked":491,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/kefu.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.439Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/kefu.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/kefu.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":14606,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":561,"timings":{"blocked":365,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.dgtjauto.com/Skins/329529/images/morejt.png","fqdn":"www.dgtjauto.com","domain":"dgtjauto.com","tld":"com"},"ip":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.914Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/morejt.png HTTP/1.1\r\nHost: www.dgtjauto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: Tengine\r\nContent-Type: image/png\r\nContent-Length: 2464\r\nConnection: keep-alive\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nLast-Modified: Wed, 08 May 2024 03:17:25 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8050953ff6a0da1:0\"\r\nX-Powered-By: ASP.NET-114.4.179\r\nReferrer-Policy: unsafe-url\r\nX-Download-Options: noopen\r\nX-Frame-Options: SAMEORIGIN\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nVia: cache52.l2cn2629[19,18,200-0,M], cache75.l2cn2629[19,0], kunlun4.cn6425[39,39,200-0,M], kunlun7.cn6425[41,0]\r\nAli-Swift-Global-Savetime: 1762933938\r\nX-Cache: MISS TCP_MISS dirn:-2:-2\r\nX-Swift-SaveTime: Wed, 12 Nov 2025 07:52:18 GMT\r\nX-Swift-CacheTime: 0\r\nTiming-Allow-Origin: *\r\nEagleId: 3da0c01117629339388931655e\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":2464,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"c831edb956d626cfd991255b172797ae","sha1":"7254408fdec4f8b94a8fb6c4d7b2b90037bb742d","sha256":"29de051144a5f54260ee9b44dc18adb12f155353062bd7439efe0a5b3735266c","sha512":"39d723aedaf152ed101494f9b253c008fbaf37d14b0155d049b12965cb4d8da2cf4066328f1d8a324b02157df41db4ccb28fbef0d9d4d0ab6b56d06eb7fb8c75","ssdeep":"","tlshash":"3b514309bc516c911a0ef58a9efc524397b70fc08f52541aaeddcc525d204f98edd5cb","first_seen":"2025-03-09T15:25:07.227511Z","last_seen":"2026-03-20T10:57:50.320484Z","times_seen":23,"resource_available":false,"data":null}},"time_used":1167,"timings":{"blocked":888,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-12T07:52:19Z","timestamp":1762933939,"ip_dst":{"addr":"172.18.0.2","port":41604,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"61.160.192.95","port":80,"asn":140293,"as":"CHINATELECOM Jiangsu province Changzhou 5G network","country":"China","country_code":"CN"},"severity":"medium","alert":"ET INFO Referrer-Policy set to unsafe-url","source":"{\"timestamp\":\"2025-11-12T07:52:19.337150+0000\",\"flow_id\":593105937114079,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"61.160.192.95\",\"src_port\":80,\"dest_ip\":\"172.18.0.2\",\"dest_port\":41604,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2054422,\"rev\":1,\"signature\":\"ET INFO Referrer-Policy set to unsafe-url\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_07_09\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_07_09\"]}},\"http\":{\"hostname\":\"www.dgtjauto.com\",\"url\":\"/Skins/329529/images/morejt.png\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://www.zgungames.com/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":2464},\"files\":[{\"filename\":\"/Skins/329529/images/morejt.png\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":2464,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":18,\"pkts_toclient\":19,\"bytes_toserver\":2122,\"bytes_toclient\":19616,\"start\":\"2025-11-12T07:52:18.140255+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img49.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d190137a4e758d7bb3b04b2f03935e55d5bfe99919bac8f209633_500_500_5.png","fqdn":"img49.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.935Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d190137a4e758d7bb3b04b2f03935e55d5bfe99919bac8f209633_500_500_5.png HTTP/1.1\r\nHost: img49.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":88,"dns":1,"connect":256,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img70.chem17.com/gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b2d0fb910a9e2ff1c74b0b15edc7fdb80ab71eb3f4a0b6c61_500_500_5.jpg","fqdn":"img70.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.939Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f88901ed60928cfceacad77486e69e8b2d0fb910a9e2ff1c74b0b15edc7fdb80ab71eb3f4a0b6c61_500_500_5.jpg HTTP/1.1\r\nHost: img70.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":109,"dns":1,"connect":298,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img55.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9fac48cb19193207a2ff57d177b4a009c0b7f3ea5b50627d771e6fe084577ad769_500_500_5.png","fqdn":"img55.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.991Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9fac48cb19193207a2ff57d177b4a009c0b7f3ea5b50627d771e6fe084577ad769_500_500_5.png HTTP/1.1\r\nHost: img55.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":144,"dns":1,"connect":289,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"public.mtnets.com/public/css/swiper.min.css","fqdn":"public.mtnets.com","domain":"mtnets.com","tld":"com"},"ip":{"addr":"218.11.0.74","port":80,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.285Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /public/css/swiper.min.css HTTP/1.1\r\nHost: public.mtnets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:16 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://public.mtnets.com/public/css/swiper.min.css\r\nX-CCDN-REQ-ID-46B1: 78253a8c08d4f2437a877f42167af77f\r\nvia: CHN-HEshijiazhuang-AREACUCC8-CACHE18[0]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":17486,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1784,"timings":{"blocked":762,"dns":566,"connect":228,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/logo.jpg","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.293Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/logo.jpg HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/logo.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14165,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2408,"timings":{"blocked":2043,"dns":1,"connect":163,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img49.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901aa48a7bd0704243cb8624ca10ead2b9e087effc004194fa0_500_500_5.png","fqdn":"img49.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"120.39.165.50","port":80,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.305Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901aa48a7bd0704243cb8624ca10ead2b9e087effc004194fa0_500_500_5.png HTTP/1.1\r\nHost: img49.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: openresty\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nContent-Length: 166\r\nConnection: keep-alive\r\nLocation: https://img49.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901aa48a7bd0704243cb8624ca10ead2b9e087effc004194fa0_500_500_5.png\r\nX-CCDN-REQ-ID-46B1: 13cde5772d84fc187ebf2c5d7203be27\r\nvia: CHN-FJxiamen-CT16-CACHE15[7]\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2566,"timings":{"blocked":2029,"dns":2,"connect":263,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/artico.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.436Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/artico.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/artico.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":2706,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":774,"timings":{"blocked":564,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img77.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc7821da627449600c21923c024b54bf7e4d1d2a1bd4506b68_500_500_5.png","fqdn":"img77.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.993Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bc7821da627449600c21923c024b54bf7e4d1d2a1bd4506b68_500_500_5.png HTTP/1.1\r\nHost: img77.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":167,"dns":0,"connect":264,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"89tongji.com/tj.js?id=51","fqdn":"89tongji.com","domain":"89tongji.com","tld":"com"},"ip":{"addr":"94.156.119.89","port":443,"asn":211895,"as":"Serverius Holding B.V.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:18.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"89tongji.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Oct 2025 08:05:06 GMT","end":"Sun, 18 Jan 2026 08:05:05 GMT"},"fingerprint":{"sha1":"1E:77:BF:04:A2:7E:6D:6C:BF:DC:62:94:BB:4E:E2:45:25:A4:E6:91","sha256":"0F:E0:92:B0:20:82:27:A0:0B:D4:ED:30:8A:B4:E5:26:FE:EF:F5:1A:6A:93:D9:2B:5E:19:AC:A0:51:28:D8:38"}}},"request":{"raw":"GET /tj.js?id=51 HTTP/1.1\r\nHost: 89tongji.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 533\r\nLast-Modified: Mon, 20 Oct 2025 10:41:42 GMT\r\nConnection: keep-alive\r\nETag: \"68f611e6-215\"\r\nExpires: Wed, 12 Nov 2025 08:52:18 GMT\r\nPragma: public\r\nCache-Control: max-age=3600, public\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":533,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (532)","md5":"2f07ff5c725cf522be1b083a9b6f5336","sha1":"b0ffdc146c81f8f338c360caf95bc9ee4576fc2c","sha256":"b9c04e61073b0a84b5a410332017bc6c50fd1a123e95fc96b51f5c15b4eca565","sha512":"0a1aace160ca503acee8c1665063f5e03bc18b6799bbd69ddf070b1c0edff1c384a98f566eceab859bc2f3db39c1530e35d6143642adaee00e50ba4b25916826","ssdeep":"","tlshash":"3df020101d9f6efc2129217b2dbccd7e33bf342ea0a1c0407e80d41565f2ac189483c8","first_seen":"2025-10-20T21:30:04.145942Z","last_seen":"2025-12-17T06:35:43.56554Z","times_seen":774,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":1,"connect":18,"send":0,"wait":18,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"89tongji.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/banner1.jpg","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:15.295Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/banner1.jpg HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:17 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/banner1.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2232,"timings":{"blocked":2040,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.zgungames.com/Skins/329529/images/morejt2.png","fqdn":"www.zgungames.com","domain":"zgungames.com","tld":"com"},"ip":{"addr":"170.130.238.181","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.435Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/329529/images/morejt2.png HTTP/1.1\r\nHost: www.zgungames.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.zgungames.com/Skins/329529/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Wed, 12 Nov 2025 07:52:18 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.dgtjauto.com/Skins/329529/images/morejt2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":2742,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":756,"timings":{"blocked":559,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-12","alert":"Sinkholed","trigger":"www.zgungames.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img53.chem17.com/gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c114108b2f17b275b0cc9a35e68bef2ac36fea85f3e8ed772_500_500_5.png","fqdn":"img53.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 03 Jan 2025 06:14:58 GMT","end":"Mon, 02 Feb 2026 06:14:57 GMT"},"fingerprint":{"sha1":"EA:83:C4:F6:80:68:DA:E0:B9:5F:29:5F:25:1E:D7:C5:23:96:B4:5B","sha256":"F1:AD:AB:7C:0A:BE:EB:41:29:1E:D9:E5:50:CE:33:DC:53:3A:61:0B:3E:F8:FC:76:84:BF:3A:F4:D7:15:69:1F"}}},"request":{"raw":"GET /gxhpic_dea7ae3c8e/f4ab28128bc76c9f6c7691e5bc81693c114108b2f17b275b0cc9a35e68bef2ac36fea85f3e8ed772_500_500_5.png HTTP/1.1\r\nHost: img53.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":546,"timings":{"blocked":20,"dns":0,"connect":239,"send":0,"wait":0,"receive":0,"ssl":286},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img50.chem17.com/gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901d6c4138ca10a16aa0e34e7c23b8afa5f068367efeea88ccf_500_500_5.jpg","fqdn":"img50.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.chem17.com","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Fri, 03 Jan 2025 06:14:58 GMT","end":"Mon, 02 Feb 2026 06:14:57 GMT"},"fingerprint":{"sha1":"EA:83:C4:F6:80:68:DA:E0:B9:5F:29:5F:25:1E:D7:C5:23:96:B4:5B","sha256":"F1:AD:AB:7C:0A:BE:EB:41:29:1E:D9:E5:50:CE:33:DC:53:3A:61:0B:3E:F8:FC:76:84:BF:3A:F4:D7:15:69:1F"}}},"request":{"raw":"GET /gxhpic_dea7ae3c8e/918f9a09f3f0cce0cc800de9bf1d1901d6c4138ca10a16aa0e34e7c23b8afa5f068367efeea88ccf_500_500_5.jpg HTTP/1.1\r\nHost: img50.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":564,"timings":{"blocked":67,"dns":1,"connect":242,"send":0,"wait":0,"receive":0,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img76.chem17.com/gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcc04332b4aabe4744e7abb89c0889dd76eff45d2503cebe58_500_500_5.png","fqdn":"img76.chem17.com","domain":"chem17.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.zgungames.com/","date":"2025-11-12T07:52:17.995Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_dea7ae3c8e/24e8f035994b740a09639d736e3792bcc04332b4aabe4744e7abb89c0889dd76eff45d2503cebe58_500_500_5.png HTTP/1.1\r\nHost: img76.chem17.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.zgungames.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":178,"dns":1,"connect":299,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}