{"report_id":"8af7f23a-373a-4ba1-8a6b-865250d34af4","version":6,"status":"done","tags":[],"date":"2026-06-02T08:30:34Z","url":{"schema":"http","addr":"gkbci29u.dongjiakg.com","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"title":"57365z线路检测中心(中国)股份有限公司","dom":{"size":4097,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4063), with no line terminators","md5":"082ebe73a38e4f734b164d4468debed4","sha1":"b87e26183a2852f66df30ff97f539adaafbf5c2d","sha256":"9e47dd33dc7a14dfbf3fc7278e0de383d0900e0110dc110934f57ad5043e0d27","sha512":"c9d3eba8c9b40a6aeec4b3bb9dc33c40b4b350960f4def43c9142bd266e9ccc126fe3f838ea119fa928f2e93ff32d5262dc2f4c188db08e8849b90747d290f6a","ssdeep":"96:uat31GFXveb0NXHatoU87xSXwX5xSXwX5:uE1SXWgd487xSXwX5xSXwX5","tlshash":"c68140ab8d88954d4a92e488d276f6dd9457142ece63dc07fee4d0cee914ae988131cc","dom_hash":"domhash7193c639895cceed9caa86ef2a7c26d2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":0,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-07T08:30:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.dongjiakg.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2026-06-02T05:38:19.505018Z","last_seen":"2026-06-02T05:38:19.505018Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":872,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hm.baidu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-06-01T08:33:37.168547Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":363,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img70.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2026-06-02T05:38:18.544784Z","last_seen":"2026-06-02T05:38:18.544784Z","alert_count":0,"request_count":2,"received_data":670,"sent_data":934,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"gkbci29u.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":74,"request_count":37,"received_data":641870,"sent_data":14328,"comment":"","tags":null,"fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}]},{"fqdn":"img61.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2026-06-02T05:38:18.559245Z","last_seen":"2026-06-02T05:38:18.559245Z","alert_count":0,"request_count":2,"received_data":670,"sent_data":934,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"img66.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2025-10-14T13:04:29.594135Z","last_seen":"2026-06-02T05:38:19.316134Z","alert_count":0,"request_count":1,"received_data":335,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"qiufacai.top","ip":{"addr":"143.92.57.31","port":15668,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2025-02-13","domain_rank":0,"first_seen":"2025-02-16T10:26:31.077897Z","last_seen":"2026-05-29T16:06:47.459973Z","alert_count":0,"request_count":1,"received_data":2928,"sent_data":793,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fcl.xueyuxingfeng.com","ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2021-06-17","domain_rank":0,"first_seen":"2021-06-17T13:30:21Z","last_seen":"2026-05-29T07:40:17.026667Z","alert_count":2,"request_count":1,"received_data":3642,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"89tongji.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-08-03","domain_rank":3345724,"first_seen":"2023-08-03T16:00:12Z","last_seen":"2026-05-29T21:48:36.676304Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":417,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.hzsysb.com","ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"domain_registered":"2013-05-24","domain_rank":0,"first_seen":"2026-06-02T05:38:19.324194Z","last_seen":"2026-06-02T05:38:19.324194Z","alert_count":0,"request_count":33,"received_data":2550,"sent_data":13493,"comment":"","tags":null,"fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}]},{"fqdn":"img78.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2025-10-14T13:04:28.91012Z","last_seen":"2026-06-02T05:38:21.003617Z","alert_count":0,"request_count":1,"received_data":335,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"chat.dongjiakg.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2026-06-02T05:38:18.546Z","last_seen":"2026-06-02T05:38:18.546Z","alert_count":0,"request_count":4,"received_data":0,"sent_data":1740,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img64.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2026-06-02T05:38:18.555524Z","last_seen":"2026-06-02T05:38:18.555524Z","alert_count":0,"request_count":1,"received_data":335,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img79.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2025-10-14T13:04:29.539503Z","last_seen":"2026-06-02T05:38:20.02975Z","alert_count":0,"request_count":1,"received_data":335,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.174.229.1","port":80,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-06-01T08:46:24.104872Z","alert_count":0,"request_count":2,"received_data":756,"sent_data":812,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img63.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2026-06-02T08:30:35.714728Z","last_seen":"2026-06-02T08:30:35.714728Z","alert_count":0,"request_count":1,"received_data":335,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.share.baidu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1999-10-11","domain_rank":1421601,"first_seen":"2013-04-25T14:45:11Z","last_seen":"2026-05-28T09:55:26.924542Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":393,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img77.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2025-10-14T13:04:29.027483Z","last_seen":"2025-10-14T13:04:29.027483Z","alert_count":0,"request_count":1,"received_data":335,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"push.zhanzhang.baidu.com","ip":{"addr":"180.101.212.103","port":80,"asn":134770,"as":"CHINANET Jiangsu province Suzhou taihu IDC network","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":1485849,"first_seen":"2015-07-22T05:44:02Z","last_seen":"2026-05-28T22:02:09.219214Z","alert_count":0,"request_count":1,"received_data":426,"sent_data":345,"comment":"","tags":null,"fingerprints":null},{"fqdn":"img80.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2026-06-02T05:38:19.300058Z","last_seen":"2026-06-02T05:38:19.300058Z","alert_count":0,"request_count":1,"received_data":335,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"tp.xinxiyidiantong.com","ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2019-08-03","domain_rank":0,"first_seen":"2022-06-30T09:41:39Z","last_seen":"2026-05-27T17:06:53.074782Z","alert_count":0,"request_count":8,"received_data":1494596,"sent_data":3910,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"img68.dongjiakg.com","ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"domain_registered":"2024-08-26","domain_rank":0,"first_seen":"2026-06-02T05:38:18.549055Z","last_seen":"2026-06-02T05:38:18.549055Z","alert_count":0,"request_count":1,"received_data":335,"sent_data":467,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"85473cfacd8228c3581f60e1825b8667","sha1":"a138f9b385b44675085932b3c487a159be13c97b","sha256":"be3c8825578f850f3cfe5e75b0fa317fbff48e2958eee8033a310a0cff1604c4","sha512":"73ac4f9b5c49d12ad86fde9f65133099cfe7d74b8d2bd23204b8e0f4ee716a32182b695e76327526b2a8f0c9a21a9fabde6a05ab6145e1815f89c5420916754f","ssdeep":"","tlshash":"5ba012bf31d0b34100010007b1131c0fe953a834c080c03d5e7431940438c51c3c3c84","size":85,"data":"","first_seen":"2026-06-02T05:38:36.767586Z","last_seen":"2026-06-02T12:36:10.434873Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8184fdb4a535060b8c0cd7a3aafa96de","sha1":"c2aab95bac95682ca0a8ae13a03327012e44214b","sha256":"a43bde24344a59d6703af770227c828e444f476d5eb04d43bb95a3191ba92c38","sha512":"a92d06f1cc81dfdc7aacd8aee594a6488be10b26fd8f9cd5665fa1fb19f1ac25661df6274c640fc5dd3051ada31a492195858c2fc6890080828ec1c170aaf2b3","ssdeep":"","tlshash":"43d097b73420be0e08726988e1b1ce6830f6235a6191d6db947a89390911ade1d1c806","size":241,"data":"","first_seen":"2026-01-03T09:11:47.395197Z","last_seen":"2026-06-07T04:40:55.872306Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/banner.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c709c2bb9691764ee9944bf4551ce72","sha1":"e53e18d1526a5373fd9f7b9a724b48935e2ac653","sha256":"2f080cff55238fec7c33fca9e8380371d3a8e5a3e9dbd7f355065cf124a163a4","sha512":"17f437e7c2faeeae7a6beebd875574356800e6ace7a954bfc573684d81575253b690acf1290b54b6de26f4bbd87e2159e11ad3db4dc850e311b50a2ed753fc92","ssdeep":"","tlshash":"57410f2b52952428910bf93ec2ff511069784607ad26ed88728d71515f6e83850feffe","size":1934,"data":"","first_seen":"2023-11-25T10:41:09Z","last_seen":"2026-06-05T15:31:35.501919Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2149b39507f7a95f205338b600f2732e","sha1":"56879c45ecd121ed424b5fff5d0feab5b858929c","sha256":"4d885d41d4293a4dcf0f954ef3b71c4c19224956f5921c903476b229a9105d70","sha512":"e7746d0fb3ee6d6e7acc5759633914787c083e072492e7e21741f64081476207c246ec3593330f4d1ddbda58db4fdf117befa015b201be5ee6014d8b37e1b21d","ssdeep":"","tlshash":"f1e0d8ed2c661a746b9004be942ff91cf1d9617c2455e112a58dfc124034eeb1a1aa94","size":356,"data":"","first_seen":"2023-03-07T12:09:31Z","last_seen":"2026-06-07T00:59:53.586316Z","times_seen":772,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/swiper.min.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"718ed4d9c9cb7a5f354328a42f20d241","sha1":"1019f782bc162d436ff5df41fe233520a1751e5f","sha256":"ecd149351638c9d16c094bbe1a3d5798df3693db35eaa78f7af1d63e88835ab0","sha512":"16fa38d18cde8c5b7574fc28160ed0cd695d560e1729d54ccb560f91af024a203466a4757161f773f9ecb1032b14d201f58ab5ce7c7a521f3c8a04621dc2f1c7","ssdeep":"1536:eyOkN3TklR3ZIFD7+Y7n2L5ydUTq0tSQfCBTR:LTF73uTq/","tlshash":"e293e66eb314f3e295d3214a675ac64122f21706b849dae870b54c4a68bcc5d03bffbd","size":96417,"data":"","first_seen":"2023-03-13T02:33:14Z","last_seen":"2026-06-05T15:31:35.513419Z","times_seen":121,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57b911edbdddf294e8eb8d7cd3f791ee","sha1":"d2d537cc64a7f502818109e717185e0da69cddcb","sha256":"1d919eae2a286643a619217511d8dede07ca74c6f861413f138641dfa4cfa20b","sha512":"c6cd6092c5cf93f51d93cf6f9fcac71795fc5995a65d6b1af7b64e13feb5669ac6486dfc2eda56a6e4f22527a56ed78db0ce5bc17cf3a8b8b36320a6bb4b018d","ssdeep":"","tlshash":"29b0121b3a064c305485712202088ad07804a6920fa42941a03825248010d814545f54","size":88,"data":"","first_seen":"2023-03-07T12:56:00Z","last_seen":"2026-06-07T04:40:55.874302Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.zhanzhang.baidu.com/push.js","fqdn":"push.zhanzhang.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"180.101.212.103","port":80,"asn":134770,"as":"CHINANET Jiangsu province Suzhou taihu IDC network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bb5a3267c9865ad4abe8d937734b62b","sha1":"b5478dd2edb3e64242eced1db2dbd945ef81f592","sha256":"674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2","sha512":"33318ed944a49a8fa334983408d68853b1fbe4f80b19adef6235f23d7708b616cd4f8dd28c8b8ebfbb5776aab8088229f3060cd789af34fe1db5038a98bd0d39","ssdeep":"","tlshash":"91d02be874a0c41c0ce710b17fab328cfab20b2755244d40c05b90013614b1f824bfe9","size":281,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-06-07T08:13:41.741096Z","times_seen":24431,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/jquery.la.min.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"80d4fa18ec76b19a28bc1e809a254f3a","sha1":"9b8cf317be1f86779e061ecb5526a6e2577e28fb","sha256":"b41465f0aed648314ea9a5b83fa0de21b54fc190103fb4525f880b481412816f","sha512":"6f4b75f748e32f37c4514dba6e474282724cdb695399c0077ab4101e7b01b5c8306648e0e1aeb01aa8a767d08e1a7b13f8274192bf3d0143092053eac596168b","ssdeep":"","tlshash":"e621fe8f7c05e2605b59396627b7edace9fd1032240adc0659eac0ac3c1aff80616b09","size":1210,"data":"","first_seen":"2024-02-07T10:19:18Z","last_seen":"2026-06-03T04:52:59.26568Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/jquery.min.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e20fb66dd0a4c9a1397b7498194e87a0","sha1":"d682a75edd8aa7dc0dfc8183dd3b58f97fbccb04","sha256":"8bed1817a693a0447277bf0760625ccb52b487e0f9ab940ed92c15be027383f9","sha512":"0c0cf51ba3956acaa2887e47aec57a3fdb13dc39af4fd7c7517782a6c7f28ac8175fb67f404ccaddc8ffb6d9bf59ef8a751d5a47a1586b359950b059fb2028ce","ssdeep":"1536:nPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5YH:eIO/e2D5c4LgtIGLja98HrK","tlshash":"2e93e8d9b6d2706287b730a851bf510bb17698eab80c4c60f158d8e47eb4e8d507bf2d","size":96298,"data":"","first_seen":"2023-03-13T02:33:14Z","last_seen":"2026-06-05T15:31:35.50301Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/js/JSChat.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c585663f5b83e34d09092e44326b9377","sha1":"498b43fec7eb7cb801257cc121f97c12be542abc","sha256":"97da6e4048ee96ed0c9d00a4f87b00c26adb4af9af53df68e5d8b6669f4bb690","sha512":"5e9a059d9ff3f80b3aa58f6411925c2744e579450f08885deaf41bbdfcb95af3254195a4fde2454047d63838ec6a4eb5cd4d3b213bf1d94df9d5d30ba86f44e9","ssdeep":"","tlshash":"7731dfb28913d31609194e63c716174ca267915b9103e9623d3d7e643f88d2bb3997f0","size":1622,"data":"","first_seen":"2024-01-31T06:36:47Z","last_seen":"2026-06-06T21:59:48.668609Z","times_seen":664,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6dfbf4d70bfb4ec42400f1a89c936fee","sha1":"2e364ac87c9a896e2ef50d303525f47c493ddfb2","sha256":"fec590e4b0997a2e2babdbe4ceda1c0eac22b49ff90f423f808dbe272c6ac504","sha512":"c65aee43d51eaed5655ab42a250f375f2889ab9d8c3d1a0ea73e1060286f47c51953ddb937e16489e8d628ed1b05d2f346e4373b25b53b951e02f79947496f55","ssdeep":"","tlshash":"a2f0fca5f788567020fb723a45ee30c82aaf85074f498641fb7481b45fdda0b25abd49","size":585,"data":"","first_seen":"2023-03-07T12:56:00Z","last_seen":"2026-06-06T20:08:58.961088Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc512cad43d34c0525a8a025e68bb866","sha1":"9d74bd668e01ddcdff3feed047aa144f652eddb4","sha256":"a70297371ee73ff9709297b6d6b6f26f4c5119f3c1c36c0665296475eaf2c562","sha512":"3560544a668ccf39ba7bc1170538d93b40221b48a8e691f4a931ee5f83ca2adbf11f64aebc35d6d75dbfd764dd5d377a1e304e130c9a13c4b731566ff0ab01f4","ssdeep":"","tlshash":"53f0dcae5841a1981acb34ac9fabd68dd1ee00a4100ecc03bae6c4ce3c38fc8053234c","size":492,"data":"","first_seen":"2025-03-08T22:48:43.772616Z","last_seen":"2026-06-04T22:59:02.324962Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-06-06T23:16:57.988363Z","times_seen":98187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/jquery.min.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0531c80b37cb2a2a6efc119e123a3d20","sha1":"21f7af6e38ee3eec97519e5bc92c586e7e878f77","sha256":"ab896e03a1aff27af47b6c296c653299fd59b6c709765b01140aae082cc0129d","sha512":"604fb5b81e8aaac2d6fff234e9da3748666ad772040c3dc4470f0f09ba457c992a983d9c35a48e7d95aa1ba35fe18d78418af403eccf88de37cacf7cc0ae4f89","ssdeep":"","tlshash":"2a01fbd8d7c4d95b6ecc5d43fa14eeca22b2813b97d97187832cfa8c05ae192c49c449","size":750,"data":"","first_seen":"2023-03-08T20:31:31Z","last_seen":"2026-06-06T08:21:02.212288Z","times_seen":170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/advanced/ashuai/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ead0945734d2df1393f97b83395ce5a5","sha1":"02075f8db8ec645ac0333d11f29cf592e34fe824","sha256":"acc560eecd34add4d045a64d0261d40c73f6b19af0ed698921622e9d7fe616fe","sha512":"9747e0b01ffa510bf24d56e9c634c930f3c04b61d35e1c9d305087fcb3e00adeb5896cd70542dbeb58d0de07b7331a79d9e5799f15b98c4a0f7bfe37f44d7736","ssdeep":"","tlshash":"39612e94ef8d20338e133165ae6f958c24be68577944eca7f80c64d44fa0d38852beac","size":3361,"data":"","first_seen":"2025-02-18T11:26:37.42474Z","last_seen":"2026-06-07T12:39:06.953383Z","times_seen":474,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2424db372dc1c95338437c51885cb4ba","sha1":"c5fb27d9052fe6484755752f8e3db8f73c03241b","sha256":"34e3a8cee824e722099b87e4bbcebff2e75a5d4a09cb8b7f215c67422e2dbc8d","sha512":"51505626a74864aa4bc55b74e8ebd64e136ba41cb8b0baac6a73dbc0548bfc1ae80021e4327f861a661df6880ecd7a0c7bcaff6dec1a58ad7f7766779ccc4010","ssdeep":"","tlshash":"2ce05e59b3a215c410bb196eba1f85e00d48ab2bc5119944b47d98e14f429a8ba2256f","size":301,"data":"","first_seen":"2025-06-07T10:36:52.397179Z","last_seen":"2026-06-06T19:29:46.313339Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/jquery.SuperSlide.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8baa5c167d403d1245abe1193d765c3f","sha1":"59ec699737cf22106cda8092ca15e4142e272970","sha256":"98bfc9c9ffafe0f52bda61796a4a21c3ca2737061cad8cafdb34a198f6ea6109","sha512":"b30e3c27f1965b80a1785146cb80d6b249ccd522dd00aa36f843eafbc34976c104ec570b050eb31b3e6f5ceeafadf5f66ee4bf226626e7777cc5a38cb9a8d834","ssdeep":"192:5F4KrJkbCsk866psF+si7VRRL7jOf7sftQAYB/FvSgRgibNEVp/AtikM590JTIeo:sb1K6psx/Fg4Up/41TIeCkKoc","tlshash":"1472c619e32c9999e4eb32f5189f458d383f4133ce0289913a9cd9945be5618b23bb7c","size":16824,"data":"","first_seen":"2024-08-20T17:00:28.351767Z","last_seen":"2026-06-05T15:31:35.507537Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f7450eadbea1ba368d033d6357d1733d","sha1":"2c92ff7bc86fce360a6b6a98cd4a694daed93491","sha256":"549666a2026c3da2a95cc7e57a1d413f63b5a59da8ad5b6c69eb98b8c62382f1","sha512":"6663fe2ded51caf33850b0657a39a0078b8c13ae1249a3675ebd66f2190f794f74e07286bdeffd1f1310389720426a9ff7140e66d479efeabd14e3eabd4606e1","ssdeep":"","tlshash":"bab012134216dff87d6f11549174d041a3f7432830d9458c851f00a112df53d448a17e","size":106,"data":"","first_seen":"2025-07-28T03:44:45.575937Z","last_seen":"2026-06-02T12:36:10.443674Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e0d18a1b738d2378e6fa070cb331f254","sha1":"2974cfab82e5d7f959868c2af5e12b3d742eba23","sha256":"14b5966b5751233cd741da962da2ffa3f82dfa789a53abbb0e3b84cd7211f618","sha512":"276accda9b0c7948d25360609a970add20d90838b5b4bcf8d228ca0ee3928ec7cb98f3a8519263e88e1a2d44497f6d68b3d92e353be586f78f61cb2d710ff185","ssdeep":"","tlshash":"8bd02eb18c0282cc898009d0f830b088e2eecb1ae454f885600c8886208afde490a52a","size":250,"data":"","first_seen":"2026-06-02T05:38:36.780617Z","last_seen":"2026-06-02T12:36:10.448798Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3bf742b87eab13561c08070eaee6416","sha1":"fd4c07a8cccbfa6136825ee1e464c182ac0ad0d1","sha256":"95f8b67817f438cf0f147a83f95ae7c2846cf875691a1836239095cdf98f752b","sha512":"8dc25424a6738fabba8148bd305777d8238168992299a9ac467547678048ad60eb9cf1a50b98e3bbac3ec89e205f34ad100a3bbeefd4c38266d0663df0cf0afb","ssdeep":"","tlshash":"c1e026aa29721674578419fa992ff92cf1aa627c0554e003f58dfc230424eef4e2ead5","size":345,"data":"","first_seen":"2023-03-11T21:10:52Z","last_seen":"2026-06-07T06:12:34.817152Z","times_seen":3488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4b72595544204b67043669f914fcc0b","sha1":"251c2ad3068d2d640bfa5a9368ca70cb18b6af56","sha256":"49163219c50f9bbe2de6428177deb21f133f877931d4691622f83b65f73b4ee0","sha512":"44d9ab77c7dc400b80c76b6a426fc9fad79aae58161caab95fcac5ebb161c4fa5dcf1cf785f8c59f85046c75745d1f5d05a746ede34817d8bd1eb029c429d4c6","ssdeep":"","tlshash":"aff0dcee5c81e2a81bc734ac9bbbea4cc06e1425280ec803a4d5c4cd3c3dfd9442938c","size":492,"data":"","first_seen":"2025-11-11T17:30:33.745156Z","last_seen":"2026-06-02T12:36:10.440924Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-06-06T23:16:57.988363Z","times_seen":98187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"482476d26150f1d887888972e2a4c9d1","sha1":"9ed2a86ee23e5cb245f1d635e065437769e6fb23","sha256":"115744054dd514c308f32f21496f3a852fe18fa040808244d00f160a88c83da9","sha512":"81b44a050bf678866da8c18309ab2fd9198e2a32e3ec5aa4dab77e2c0cfd3e3068bd7e72df04e46aba9f67fd4f0bfab4d0d8783db4dfcf0a6d897057fd774540","ssdeep":"","tlshash":"efc02b631d11c81891014ec6e0a3fc6cc0d0f029c614dccec0d034cc31905c908111d0","size":141,"data":"","first_seen":"2023-03-08T20:31:31Z","last_seen":"2026-06-06T08:21:02.245145Z","times_seen":185,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f06d074b34d95c9b1b88271b81518bf7","sha1":"e9f354647f464693cdf50736b3255a8c78ff6c37","sha256":"601085eb0095bf50b17ae398113fc532d281b2b897b587cad6c18c9ea3036635","sha512":"a2346158efc3e4791ec531b9e7276128ff1aef6559939613be32a70a9c4a8d453755760c3da77983ab5f77c7cf3f87f0e9a4a3ad19b4dc910fce2a5f73ceb19a","ssdeep":"","tlshash":"22b01246ce05d04844505ec0fbb1f1284150dd521158fccd58846ce660c1dcfdd0a228","size":105,"data":"","first_seen":"2026-06-02T05:38:36.783461Z","last_seen":"2026-06-02T12:36:10.452553Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f86017a0651ae0b7ed1212253f978b64","sha1":"9f8e7bd28fcbb59361a5162a68217dfa4ba22031","sha256":"3682de440eebc0b203dd257c4138eeeb73a10c6973bdcc021b727207e1edb6a8","sha512":"d70655dfd4166b448dd25961caa70f8b1bdd776e423eb08ce6cd57baf3b144ba44f1c8cbbb21a52a203e5d43c2627e58caedf75dc1d20e30c4140e01be893126","ssdeep":"","tlshash":"1b51336386cc904f8aa1e048d334fada5613682fcfb3ec47ee64559fca014ea89434cd","size":2654,"data":"","first_seen":"2026-06-02T08:30:40.368984Z","last_seen":"2026-06-02T08:30:40.368984Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6629ec12d639aad22dc9a383c7e1d0f8","sha1":"ed82f7ecc48f789e8e5096c7e81f6dfc43c99b41","sha256":"2f626bde6501ca265c8a3dd9242527e6800fb31a7bcfe8ec3613219bcbdfa61d","sha512":"3d1223833a454814a86b97bbb8abcf7609c6a52753ed8234fb931904b80f86d15da7be2a0e937ac8b9efdd4e798a035a2c1a9cfdb6e6cf9e9ae83f4a0c326043","ssdeep":"","tlshash":"e6f09eee5c81e5a41bd7349c57bbe64cc45e1425240ec403a4d5c4cd3c3dfd5442934c","size":508,"data":"","first_seen":"2024-02-07T10:19:18Z","last_seen":"2026-06-03T04:52:59.285605Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0de853ccecc4b37fda136802f759c598","sha1":"2e7f76b94d288c870c5925a68cb5b112a327c41b","sha256":"db3f61f49e2f2cfe3d477fbd3555868f2519f71fb851177bf7085b4d07716c9d","sha512":"d2d390950dd156137f20b17da497798fe37f99e6173276fb5269a825a8745d3fb86f991ac70e22900badc4411cd48a9f60408a2fb7ec2859e8900a62e45ca7df","ssdeep":"","tlshash":"06f09e6e5c41e5941ad724ac5fabd28dd1ee00a4100dcc03bae5c4cd3c38fd4052634c","size":508,"data":"","first_seen":"2023-05-13T11:25:01Z","last_seen":"2026-06-06T08:21:02.2439Z","times_seen":157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"92301e2e766f4e28e2c5777da0ec5a63","sha1":"06d933c6ef289ba7f9b68872d4ffedd10e7d24ba","sha256":"854d17d9cd2ae7d8db4518d46a28ca38bc059b4fbfd963830543e174f5d3a64d","sha512":"cf4f4def817ebe03af720f5bb29b75f5c12f6293ae157bf201f80c236f44007669fd5edc3f636c384aa6e93f1ca88e90ec5a7b134acc54da53da91be3a010e63","ssdeep":"","tlshash":"e1a022033e02c088ac2220e2b0b0f83ce0b23a20a882ec0cccf000282c823c8cf80002","size":77,"data":"","first_seen":"2024-01-25T12:59:34Z","last_seen":"2026-06-06T08:21:02.244553Z","times_seen":153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"89tongji.com/tj.js?id=6","fqdn":"89tongji.com","domain":"89tongji.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.217Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /tj.js?id=6 HTTP/1.1\r\nHost: 89tongji.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":62,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img70.dongjiakg.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5ded1150022196b79abf50d545e077317442214da1ad2ec80_284_284_5.jpg","fqdn":"img70.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.143Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5ded1150022196b79abf50d545e077317442214da1ad2ec80_284_284_5.jpg HTTP/1.1\r\nHost: img70.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5ded1150022196b79abf50d545e077317442214da1ad2ec80_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":670,"timings":{"blocked":351,"dns":1,"connect":129,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/index_cache.html","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.162Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /index_cache.html HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1331,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (575)","md5":"52b8629f8be837ae788237f5cbf6aa94","sha1":"ebdade0583a44cb57f0f24f84df3e387424a971f","sha256":"ddf3257f2da138b075f241bd4b2396038afd7ba5abd0fb2f97e6d4a0857d68b6","sha512":"fdfa2c3e2d113245b3f020f51a418c4ee554edfb2171de492cee4b63c5e6c14e14100c824b173760afd805daa19b60501ae399b5c21d9dec2bc54cf3dc73c2cd","ssdeep":"","tlshash":"2f21785b2dd2657c190334dde8e7edd9f0915174a6149002e99f982382402eb424ebe8","first_seen":"2026-06-02T05:38:36.756693Z","last_seen":"2026-06-02T12:36:10.418272Z","times_seen":3,"resource_available":false,"data":null}},"time_used":803,"timings":{"blocked":649,"dns":0,"connect":0,"send":0,"wait":154,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/aCont.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.647Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/aCont.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:12 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":2710,"timings":{"blocked":1227,"dns":905,"connect":275,"send":0,"wait":299,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5f8dd00ca2af79443937819ff44454f8e0e11466b0b5535b1_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.917Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5f8dd00ca2af79443937819ff44454f8e0e11466b0b5535b1_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/Send.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.018Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/Send.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/skins/234577/Css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/Send.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/arrows1.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.187Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/arrows1.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/skins/234577/Css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/arrows1.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/Css/style.css","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.105Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/Css/style.css HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":130203,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (351)","md5":"4e8ca9812f667847f7add6baeb1f632c","sha1":"52aef253602a1fb896ce20e812ab851b1bc3e7af","sha256":"969f3627c49ac2236399227454a250343d0aed88a8511edc50367cbe914301e3","sha512":"32ee488b39825e4a30fac270ee6acdcd351965af1831a4b79404d4e1f2e277865e0dd34f0b5a2e7d3b28810072cbcff396a656623f5ecae9511d0d45bb875313","ssdeep":"1536:xoMUOBvK3XY3XV6zGi6VM5ywFZVKL3DAADvk3o63bAKmmWA2FdwQsmdpwnbNUfaf:xC","tlshash":"31d35132eb91300df5378662be82bbdd6319805bb3830afdae543938d18f09755b2795","first_seen":"2026-06-02T05:38:36.76177Z","last_seen":"2026-06-02T12:36:10.427003Z","times_seen":3,"resource_available":false,"data":null}},"time_used":514,"timings":{"blocked":107,"dns":1,"connect":128,"send":0,"wait":148,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/js/JSChat.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.116Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/JSChat.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1596,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"5122b87041a34991740a2418cf688de4","sha1":"ae0142e84d1e0f3c4749ea58827ae56d2a32fbbc","sha256":"40061d6dc948529ad974ca45b9b63d65ff87037086f65629d1e958cb1de10ccd","sha512":"a96700940fd242137764811caa4748780c79b6925f05ad2b31238126ee24d24ab70c05f0c72de11fde17efd99247a5b3225dbdc708249c59f9b047d5e435a481","ssdeep":"","tlshash":"de31edb24a53931209094ea3c71a134ce267915b9117e8623d3d6d643f88927b7997f0","first_seen":"2025-04-06T23:54:49.048059Z","last_seen":"2026-06-06T21:59:48.651706Z","times_seen":649,"resource_available":false,"data":null}},"time_used":365,"timings":{"blocked":222,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img78.dongjiakg.com/gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc92aa6f2bbed94ce412e5a4bd408a073cde3d3fd605a6da264_284_284_5.jpg","fqdn":"img78.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.137Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc92aa6f2bbed94ce412e5a4bd408a073cde3d3fd605a6da264_284_284_5.jpg HTTP/1.1\r\nHost: img78.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc92aa6f2bbed94ce412e5a4bd408a073cde3d3fd605a6da264_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":685,"timings":{"blocked":357,"dns":0,"connect":129,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img80.dongjiakg.com/gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc975b8202caa2a112acd95d92bdf7b099948fd7e6c48c1b526_284_284_5.jpg","fqdn":"img80.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.142Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc975b8202caa2a112acd95d92bdf7b099948fd7e6c48c1b526_284_284_5.jpg HTTP/1.1\r\nHost: img80.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc975b8202caa2a112acd95d92bdf7b099948fd7e6c48c1b526_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":351,"dns":1,"connect":128,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/cf3.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.148Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/cf3.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/cf3.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":651,"timings":{"blocked":475,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5e6163aa21bc05f78d8d5cf9c4dc7410802da1e9cc11ecc58_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.886Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5e6163aa21bc05f78d8d5cf9c4dc7410802da1e9cc11ecc58_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":2078,"timings":{"blocked":1786,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.dongjiakg.com/chat/KFCenterBox/234577","fqdn":"chat.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:12.686Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /chat/KFCenterBox/234577 HTTP/1.1\r\nHost: chat.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/w1ldefq37i5y25na7cemsopbpww2nu.gif","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 May 2026 03:24:08 GMT","end":"Mon, 17 Aug 2026 03:24:07 GMT"},"fingerprint":{"sha1":"B6:3F:61:9D:53:2C:33:DE:9F:F8:0D:92:E5:69:18:C3:3C:1A:49:DA","sha256":"B6:62:DF:F2:FE:DF:37:97:96:0A:06:4D:EC:8F:FF:C6:94:B8:44:DC:85:68:2F:0D:7C:31:3B:12:CA:63:29:B5"}}},"request":{"raw":"GET /uploads/w1ldefq37i5y25na7cemsopbpww2nu.gif HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:15 GMT\r\nContent-Type: image/gif\r\nContent-Length: 162061\r\nLast-Modified: Fri, 14 Jun 2024 06:33:54 GMT\r\nConnection: keep-alive\r\nETag: \"666be452-2790d\"\r\nExpires: Thu, 02 Jul 2026 08:30:15 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":162061,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1000 x 300","md5":"4fb4afe26198c3287fb8e1a05be78270","sha1":"7f2f7b226aef1c717e47b49c29301efa77568374","sha256":"238929b5dc9d4726fd89356e5a33fa365a42d4168943a3934cb7753170bcc7fa","sha512":"5ff12adcefc3bad13c9130fcdd3a3d6c9917ee840bb63d31d5ad8901a770992b24a3a35babd62d4b6ba96898c403a228f38a157fb672addef9d1e40825679fdc","ssdeep":"3072:kW4NNuRHKOxC/DmufPzz76plgJXaBz7KT44Oz8vbM:kWuuRqUC/Dmuf7z7sqXaBz7KU4W8vbM","tlshash":"6ef3123900c89622ae6e3b2d157d86c59556f962acb02eff3b911378aff50df80054ed","first_seen":"2024-02-16T03:28:22Z","last_seen":"2026-06-07T06:12:34.737883Z","times_seen":398,"resource_available":false,"data":null}},"time_used":3140,"timings":{"blocked":850,"dns":26,"connect":254,"send":0,"wait":521,"receive":898,"ssl":588},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/css/swiper.min.css","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.110Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/css/swiper.min.css HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":16729,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (16429)","md5":"fcfc9aab98bd907a7b8ae2f59fac7717","sha1":"fb896a185ae0d84493837390d91eda55f8e66bf5","sha256":"9bd4b0106bc69ac794336612c2c25e896be4dd8cb142c90c9489d88a24d106cf","sha512":"c99ac58c5e261bc0e5377bde067252fc6d0f193837304a4a4ebbb115a60d16cd30757a95e21bc2e5e4e79a177da3e28a8ed906446590493651f50201a293f8ae","ssdeep":"192:bgG0GQPaGCF6jrfg5/HmXgyXyzSHF68DJB0SwD:bgG56Cufg/HfyXyzSl68Pe","tlshash":"f872732c17002067f6374f1947c9e77c9b15c8839e0369ef6640de48cbba5aa227f796","first_seen":"2023-11-25T10:41:09Z","last_seen":"2026-06-05T15:31:35.512289Z","times_seen":80,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":106,"dns":1,"connect":128,"send":0,"wait":155,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/cf4.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.149Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/cf4.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/cf4.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":672,"timings":{"blocked":476,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img68.dongjiakg.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d55ddebf2c66c4c1f704aa09d5a7496022cbedebc76544fdfd_284_284_5.jpg","fqdn":"img68.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.151Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d55ddebf2c66c4c1f704aa09d5a7496022cbedebc76544fdfd_284_284_5.jpg HTTP/1.1\r\nHost: img68.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d55ddebf2c66c4c1f704aa09d5a7496022cbedebc76544fdfd_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":681,"timings":{"blocked":381,"dns":0,"connect":128,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img64.dongjiakg.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d557d023207012606bffb4c9ddd5f95a7572dfb74fcedddbd1_284_284_5.jpg","fqdn":"img64.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.151Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d557d023207012606bffb4c9ddd5f95a7572dfb74fcedddbd1_284_284_5.jpg HTTP/1.1\r\nHost: img64.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d557d023207012606bffb4c9ddd5f95a7572dfb74fcedddbd1_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":654,"timings":{"blocked":342,"dns":1,"connect":128,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d557d023207012606bffb4c9ddd5f95a7572dfb74fcedddbd1_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.841Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d557d023207012606bffb4c9ddd5f95a7572dfb74fcedddbd1_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1417,"timings":{"blocked":-1,"dns":766,"connect":323,"send":0,"wait":328,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/ndo5u75d8mk1is8ldrdhiw1h429tnk.gif","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 May 2026 03:24:08 GMT","end":"Mon, 17 Aug 2026 03:24:07 GMT"},"fingerprint":{"sha1":"B6:3F:61:9D:53:2C:33:DE:9F:F8:0D:92:E5:69:18:C3:3C:1A:49:DA","sha256":"B6:62:DF:F2:FE:DF:37:97:96:0A:06:4D:EC:8F:FF:C6:94:B8:44:DC:85:68:2F:0D:7C:31:3B:12:CA:63:29:B5"}}},"request":{"raw":"GET /uploads/ndo5u75d8mk1is8ldrdhiw1h429tnk.gif HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:15 GMT\r\nContent-Type: image/gif\r\nContent-Length: 458771\r\nLast-Modified: Tue, 11 May 2021 11:49:00 GMT\r\nConnection: keep-alive\r\nETag: \"609a6f2c-70013\"\r\nExpires: Thu, 02 Jul 2026 08:30:15 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":458771,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1000 x 300","md5":"70f984740f0767b3a77491391f9fd051","sha1":"315ee281e1f8d78a98c9495ae21a85620f52365e","sha256":"8ca0d1746eea53fd71559c3903ea72e3c7020cbd546667c32511257fdc53dff6","sha512":"6a3c8cd2ceca01d278bc2affca199747c7c1c2318ac74f67bfbfed3027c9fec60102c513c1460edef51b9e6d0d0c4dcea3ade2b62c66f9b9a22960fab7769c59","ssdeep":"12288:LKGXVMvoygGLsJBQQNIqwVYHLMuJNEJnSftlyTAUozFb:hXWVhkFweLMuqSVI36","tlshash":"9ea42312575a395c0ab3a8e35c26ff8b4d35a1962322f03aa30fe57fd4404e794b6763","first_seen":"2023-10-31T02:49:06Z","last_seen":"2026-06-07T06:12:34.767291Z","times_seen":2080,"resource_available":false,"data":null}},"time_used":4243,"timings":{"blocked":1361,"dns":0,"connect":0,"send":0,"wait":304,"receive":2578,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/iwv840mvscz87ws4p3324p7k2i4yuh.gif","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 May 2026 03:24:08 GMT","end":"Mon, 17 Aug 2026 03:24:07 GMT"},"fingerprint":{"sha1":"B6:3F:61:9D:53:2C:33:DE:9F:F8:0D:92:E5:69:18:C3:3C:1A:49:DA","sha256":"B6:62:DF:F2:FE:DF:37:97:96:0A:06:4D:EC:8F:FF:C6:94:B8:44:DC:85:68:2F:0D:7C:31:3B:12:CA:63:29:B5"}}},"request":{"raw":"GET /uploads/iwv840mvscz87ws4p3324p7k2i4yuh.gif HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:16 GMT\r\nContent-Type: image/gif\r\nContent-Length: 156427\r\nLast-Modified: Thu, 04 Nov 2021 19:43:48 GMT\r\nConnection: keep-alive\r\nETag: \"618437f4-2630b\"\r\nExpires: Thu, 02 Jul 2026 08:30:16 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":156427,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 47, 8-bit/color RGBA, non-interlaced","md5":"0dc662bab3fb9dd17ae6f777eae62a0d","sha1":"084f96c8fe5f280844b43235d6137626b11eabf8","sha256":"1d551f0660ef7472997f772901485f85cabf9370b1ea54334dc09ad4f08301e9","sha512":"2a3341c10473717959d703be8c56ba3fa6b5979d020e162c81ef9a02c6559e4ecf5302c14261722c37d7370d05ea95cfd20191e5e92e02c25ddbd37af23f29eb","ssdeep":"3072:lHavYLzuBktXdAkB+aAXW/xMqbirMklbd0dOmvw+swTFT9orAMI:dawLzdckBWWZQrMYbd0/w+XTpbMI","tlshash":"0be31296a119c02856fe25d2145e18394a8d2064ffb30e6ee43cf8fdc1ba5a71fa0d99","first_seen":"2023-05-06T09:40:17Z","last_seen":"2026-06-07T06:12:34.765965Z","times_seen":2257,"resource_available":false,"data":null}},"time_used":2563,"timings":{"blocked":1941,"dns":0,"connect":0,"send":0,"wait":256,"receive":366,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/jquery.min.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.099Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.min.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 750\r\nLast-Modified: Wed, 04 Mar 2026 05:00:02 GMT\r\nConnection: keep-alive\r\nETag: \"69a7bc52-2ee\"\r\nExpires: Tue, 02 Jun 2026 09:30:11 GMT\r\nCache-Control: max-age=3600\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":750,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (750), with no line terminators","md5":"0531c80b37cb2a2a6efc119e123a3d20","sha1":"21f7af6e38ee3eec97519e5bc92c586e7e878f77","sha256":"ab896e03a1aff27af47b6c296c653299fd59b6c709765b01140aae082cc0129d","sha512":"604fb5b81e8aaac2d6fff234e9da3748666ad772040c3dc4470f0f09ba457c992a983d9c35a48e7d95aa1ba35fe18d78418af403eccf88de37cacf7cc0ae4f89","ssdeep":"","tlshash":"2a01fbd8d7c4d95b6ecc5d43fa14eeca22b2813b97d97187832cfa8c05ae192c49c449","first_seen":"2023-03-08T20:31:31Z","last_seen":"2026-06-06T08:21:02.212288Z","times_seen":170,"resource_available":true,"data":null}},"time_used":367,"timings":{"blocked":110,"dns":1,"connect":128,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/ewm.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.157Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/ewm.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/ewm.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":801,"timings":{"blocked":654,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/line2.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.646Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/line2.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":2381,"timings":{"blocked":1274,"dns":786,"connect":321,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/cf3.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.819Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/cf3.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1733,"timings":{"blocked":1095,"dns":0,"connect":316,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/Skins/234577/images/email.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.931Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/email.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/banner2.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.180Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/banner2.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/banner2.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/73in1fspksw4vkiz33cink1f95gkt6.png","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 May 2026 03:24:08 GMT","end":"Mon, 17 Aug 2026 03:24:07 GMT"},"fingerprint":{"sha1":"B6:3F:61:9D:53:2C:33:DE:9F:F8:0D:92:E5:69:18:C3:3C:1A:49:DA","sha256":"B6:62:DF:F2:FE:DF:37:97:96:0A:06:4D:EC:8F:FF:C6:94:B8:44:DC:85:68:2F:0D:7C:31:3B:12:CA:63:29:B5"}}},"request":{"raw":"GET /uploads/73in1fspksw4vkiz33cink1f95gkt6.png HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:14 GMT\r\nContent-Type: image/png\r\nContent-Length: 85269\r\nLast-Modified: Thu, 30 May 2024 07:57:09 GMT\r\nConnection: keep-alive\r\nETag: \"66583155-14d15\"\r\nExpires: Thu, 02 Jul 2026 08:30:14 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85269,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1000x200, components 3","md5":"dd634dd0e0dd49206dcc5895ead43e77","sha1":"1ed15d3f4c9f439901ad35e48e997cd61e21da0c","sha256":"e5bd386dd7f166c21d2b28383dc15fc365a6a9dcad30f3d31ea03ade011f980c","sha512":"520f5c0aaa03859ad2b7a39b5aab91564d24efc9e54f802d07a2e0922089836fd44e43caba81c133e1344efee4d923759abf5bbb60b03049f0ff09c9ab924ec3","ssdeep":"1536:ghHfCs1mEmhYj/SLO+lC1zjLUKOjQ6FmkyjQ5UpshRm6gccXc5s5+IsI0h:YfC2m3qQCZXoDmkyjQjhR/BcM210h","tlshash":"6a83020460391e2efad6bc306e2d59bf96a59012e3a7d2b774e6386ff3b8130114c54e","first_seen":"2024-06-02T21:28:55Z","last_seen":"2026-06-07T06:12:34.774971Z","times_seen":2101,"resource_available":false,"data":null}},"time_used":2511,"timings":{"blocked":-1,"dns":23,"connect":260,"send":0,"wait":518,"receive":1155,"ssl":549},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/banner.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.130Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/js/banner.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1934,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (378)","md5":"5c709c2bb9691764ee9944bf4551ce72","sha1":"e53e18d1526a5373fd9f7b9a724b48935e2ac653","sha256":"2f080cff55238fec7c33fca9e8380371d3a8e5a3e9dbd7f355065cf124a163a4","sha512":"17f437e7c2faeeae7a6beebd875574356800e6ace7a954bfc573684d81575253b690acf1290b54b6de26f4bbd87e2159e11ad3db4dc850e311b50a2ed753fc92","ssdeep":"","tlshash":"57410f2b52952428910bf93ec2ff511069784607ad26ed88728d71515f6e83850feffe","first_seen":"2023-11-25T10:41:09Z","last_seen":"2026-06-05T15:31:35.501919Z","times_seen":58,"resource_available":true,"data":null}},"time_used":384,"timings":{"blocked":238,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d51e037e41e41cbdc89160030562c5562763a69d7c0efae694_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.853Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d51e037e41e41cbdc89160030562c5562763a69d7c0efae694_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1706,"timings":{"blocked":1384,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/62b67f438055e754eef8ec5053ed8ba27c935c8e56ae84e2e7f0186e692e8b3c1bfd93997d0b1fd8_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.889Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/62b67f438055e754eef8ec5053ed8ba27c935c8e56ae84e2e7f0186e692e8b3c1bfd93997d0b1fd8_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1997,"timings":{"blocked":1997,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/nav_line.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.293Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/nav_line.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.174.229.1","port":80,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.594Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 333\r\nOrigin: http://gkbci29u.dongjiakg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://gkbci29u.dongjiakg.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nAge: 0\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Tue, 02 Jun 2026 08:30:14 GMT\r\nEO-LOG-UUID: 10614725881598381350\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":446,"timings":{"blocked":99,"dns":50,"connect":19,"send":0,"wait":276,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/jquery.min.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.097Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/js/jquery.min.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":96298,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32341)","md5":"e20fb66dd0a4c9a1397b7498194e87a0","sha1":"d682a75edd8aa7dc0dfc8183dd3b58f97fbccb04","sha256":"8bed1817a693a0447277bf0760625ccb52b487e0f9ab940ed92c15be027383f9","sha512":"0c0cf51ba3956acaa2887e47aec57a3fdb13dc39af4fd7c7517782a6c7f28ac8175fb67f404ccaddc8ffb6d9bf59ef8a751d5a47a1586b359950b059fb2028ce","ssdeep":"1536:nPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5YH:eIO/e2D5c4LgtIGLja98HrK","tlshash":"2e93e8d9b6d2706287b730a851bf510bb17698eab80c4c60f158d8e47eb4e8d507bf2d","first_seen":"2023-03-13T02:33:14Z","last_seen":"2026-06-05T15:31:35.50301Z","times_seen":96,"resource_available":true,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/line1.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.132Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/line1.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/line1.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":841,"timings":{"blocked":689,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/line2.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.144Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/line2.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/line2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":493,"timings":{"blocked":350,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/Skins/234577/images/fax.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.882Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/fax.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/cf4.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.901Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/cf4.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":2091,"timings":{"blocked":2091,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/jquery.pack.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.113Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/js/jquery.pack.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":69324,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (833)","md5":"ff5b8afb21dee017ae9178cca8389e36","sha1":"db2aeb278a91fc9c2ac31e28c412ceb007bad434","sha256":"883f3c72efb849c6921de15da7b37e26bb0602472ef5009fe3832e4a780441c2","sha512":"e19b2db4b711cdd14c74de305a5de95ec2856570dd62f3c981fdf6ed0a44c57b52db05687ed2118def583a7f256ea67885d7c09ee2921ca73419579613541ba4","ssdeep":"1536:z+DyCyw7SyxTIWvATvwNkENyfDJmlEIjm9Rnge1mzUQIdZQXNj9ZpdkqvAsZ:zKmSTIYNkyUhtKXLZfkqvAsZ","tlshash":"bf63f8c9b2c67172c7e7307820bf510af136a8aaa44c4854f06ce8e5be74a59443bf7d","first_seen":"2025-04-22T06:31:00.547139Z","last_seen":"2026-06-06T19:54:58.620518Z","times_seen":133,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":103,"dns":1,"connect":130,"send":0,"wait":147,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/Images/logo.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.122Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/Images/logo.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/Images/logo.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":859,"timings":{"blocked":713,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/cf1.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.147Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/cf1.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/cf1.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":540,"timings":{"blocked":397,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img70.dongjiakg.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d59ddf94ee44cc96e3d9682356b748cff4287ffc4db47cc245_284_284_5.jpg","fqdn":"img70.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.150Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d59ddf94ee44cc96e3d9682356b748cff4287ffc4db47cc245_284_284_5.jpg HTTP/1.1\r\nHost: img70.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d59ddf94ee44cc96e3d9682356b748cff4287ffc4db47cc245_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":659,"timings":{"blocked":345,"dns":0,"connect":129,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/cf1.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.693Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/cf1.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":2679,"timings":{"blocked":1237,"dns":776,"connect":332,"send":0,"wait":334,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc92aa6f2bbed94ce412e5a4bd408a073cde3d3fd605a6da264_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.929Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc92aa6f2bbed94ce412e5a4bd408a073cde3d3fd605a6da264_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":2063,"timings":{"blocked":1739,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qiufacai.top:15668/fcl.php?keyword=57365z%E7%BA%BF%E8%B7%AF%E6%A3%80%E6%B5%8B%E4%B8%AD%E5%BF%83(%E4%B8%AD%E5%9B%BD)%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8\u0026from=pc\u0026originUrl=http%3A%2F%2Fgkbci29u.dongjiakg.com%2F\u0026referer=\u0026userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026v=10051","fqdn":"qiufacai.top","domain":"qiufacai.top","tld":"top"},"ip":{"addr":"143.92.57.31","port":15668,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:12.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"qiufacai.top","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Apr 2026 01:38:41 GMT","end":"Fri, 10 Jul 2026 01:38:40 GMT"},"fingerprint":{"sha1":"F0:63:02:48:5B:25:79:88:CF:05:5D:77:16:9C:15:70:3F:79:97:16","sha256":"48:C5:A6:CD:F6:14:7F:76:47:53:0D:06:A1:77:E4:0F:E4:8D:3F:4A:A0:F7:9C:FC:C9:F4:80:86:E0:3B:FB:0A"}}},"request":{"raw":"GET /fcl.php?keyword=57365z%E7%BA%BF%E8%B7%AF%E6%A3%80%E6%B5%8B%E4%B8%AD%E5%BF%83(%E4%B8%AD%E5%9B%BD)%E8%82%A1%E4%BB%BD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8\u0026from=pc\u0026originUrl=http%3A%2F%2Fgkbci29u.dongjiakg.com%2F\u0026referer=\u0026userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026v=10051 HTTP/1.1\r\nHost: qiufacai.top:15668\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://gkbci29u.dongjiakg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":2661,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1839), with CRLF line terminators","md5":"ec2d30bbde134a21aa39407790d4ecd8","sha1":"70f43f1b8b7dddbaf013ac7a8f6e7e849c8149af","sha256":"991dcc7bc6a34066a9d444ed06fa08edd9f0abe8bbb78393778482e8862af6d1","sha512":"4df72194e4c963cb5367125b5b25d8530f0013f957e13629d9e3f6dab028ee83ef913f19d079b5f98b5a9dbc31d553ccf75845c0d47be99a1b6eaf0e422c4198","ssdeep":"","tlshash":"fe51116386cc954f8a61e058d334faea5613682fcf73ec47ee64559fca014ea89434cd","first_seen":"2026-06-02T08:30:40.341049Z","last_seen":"2026-06-02T08:30:40.341049Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1125,"timings":{"blocked":-1,"dns":64,"connect":267,"send":0,"wait":271,"receive":0,"ssl":522},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chat.dongjiakg.com/chat/KFLeftBox/234577","fqdn":"chat.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:12.831Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /chat/KFLeftBox/234577 HTTP/1.1\r\nHost: chat.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":0,"dns":1,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-02T08:30:10.712Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:10 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}],"data":{"size":31345,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (641)","md5":"43c659593355badbd50b936a37d84452","sha1":"7b211026d8226ab18f063ee10a877ba8f1df6464","sha256":"d616f4d1df0d674a5f684c0a7f43e3dec62936dad821cf92442dee26a6edb0c9","sha512":"c09b8e43e078a00cb186ae61b58c9bd00be971c7724ed60d9de738c55db4840d4807aad712d10a0cd0aecef9d7fceffaf89390b07020c6155625155650767706","ssdeep":"384:mb9bwOOav9pqiS93A3RQDlKSJxd4oo+9LjUL+gBbfCsnq+d:mb9bwOOav9pqiS93ATSJRo+9Ip57fd","tlshash":"c5e2c85288d5a97600a211fab4bd672fb4c7d26be5132f02b2fc669ecfc1fe54d02509","first_seen":"2026-06-02T05:38:36.744424Z","last_seen":"2026-06-02T12:36:10.432337Z","times_seen":3,"resource_available":true,"data":null}},"time_used":401,"timings":{"blocked":127,"dns":1,"connect":129,"send":0,"wait":143,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img63.dongjiakg.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d51e037e41e41cbdc89160030562c5562763a69d7c0efae694_284_284_5.jpg","fqdn":"img63.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.135Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d51e037e41e41cbdc89160030562c5562763a69d7c0efae694_284_284_5.jpg HTTP/1.1\r\nHost: img63.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d51e037e41e41cbdc89160030562c5562763a69d7c0efae694_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":672,"timings":{"blocked":359,"dns":1,"connect":128,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/advanced/ashuai/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fcl.xueyuxingfeng.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 03:19:44 GMT","end":"Fri, 14 Aug 2026 03:19:43 GMT"},"fingerprint":{"sha1":"1F:85:5F:69:E3:39:C4:E0:A8:1B:23:F7:39:35:A6:81:BD:99:AD:BF","sha256":"DE:FC:82:FC:90:D7:75:5B:60:46:F3:BE:7B:4B:4A:86:B0:68:66:6E:0F:8A:9C:E0:81:87:43:28:CE:70:4C:D6"}}},"request":{"raw":"GET /advanced/ashuai/sj.js HTTP/1.1\r\nHost: fcl.xueyuxingfeng.com:6987\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:12 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Thu, 13 Feb 2025 10:31:34 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67adca06-d24\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3364,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"ead0945734d2df1393f97b83395ce5a5","sha1":"02075f8db8ec645ac0333d11f29cf592e34fe824","sha256":"acc560eecd34add4d045a64d0261d40c73f6b19af0ed698921622e9d7fe616fe","sha512":"9747e0b01ffa510bf24d56e9c634c930f3c04b61d35e1c9d305087fcb3e00adeb5896cd70542dbeb58d0de07b7331a79d9e5799f15b98c4a0f7bfe37f44d7736","ssdeep":"","tlshash":"39612e94ef8d20338e133165ae6f958c24be68577944eca7f80c64d44fa0d38852beac","first_seen":"2025-02-18T11:26:37.42474Z","last_seen":"2026-06-07T12:39:06.953383Z","times_seen":474,"resource_available":true,"data":null}},"time_used":1919,"timings":{"blocked":824,"dns":34,"connect":260,"send":0,"wait":269,"receive":0,"ssl":529},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/Skins/234577/images/qq1.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.881Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/qq1.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/ca7ba1f0caefaac770645fcee91fb34720f8fb0ca24d2a9f365c91fac63ad0a469331e605078d30c_284_284_5.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.930Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/ca7ba1f0caefaac770645fcee91fb34720f8fb0ca24d2a9f365c91fac63ad0a469331e605078d30c_284_284_5.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1767,"timings":{"blocked":1767,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/abg.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.375Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/abg.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":229,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.174.229.1","port":80,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.625Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 334\r\nOrigin: http://gkbci29u.dongjiakg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://gkbci29u.dongjiakg.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nAge: 0\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Tue, 02 Jun 2026 08:30:14 GMT\r\nEO-LOG-UUID: 12292758408825640174\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":375,"timings":{"blocked":71,"dns":5,"connect":19,"send":0,"wait":279,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gkbci29u.dongjiakg.com/","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-02T08:30:10.436Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":131,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chat.dongjiakg.com/chat/KFLeftBox/234577","fqdn":"chat.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.120Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /chat/KFLeftBox/234577 HTTP/1.1\r\nHost: chat.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":27,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/swiper.min.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.128Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/js/swiper.min.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":96417,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (31997)","md5":"718ed4d9c9cb7a5f354328a42f20d241","sha1":"1019f782bc162d436ff5df41fe233520a1751e5f","sha256":"ecd149351638c9d16c094bbe1a3d5798df3693db35eaa78f7af1d63e88835ab0","sha512":"16fa38d18cde8c5b7574fc28160ed0cd695d560e1729d54ccb560f91af024a203466a4757161f773f9ecb1032b14d201f58ab5ce7c7a521f3c8a04621dc2f1c7","ssdeep":"1536:eyOkN3TklR3ZIFD7+Y7n2L5ydUTq0tSQfCBTR:LTF73uTq/","tlshash":"e293e66eb314f3e295d3214a675ac64122f21706b849dae870b54c4a68bcc5d03bffbd","first_seen":"2023-03-13T02:33:14Z","last_seen":"2026-06-05T15:31:35.513419Z","times_seen":121,"resource_available":true,"data":null}},"time_used":373,"timings":{"blocked":226,"dns":0,"connect":0,"send":0,"wait":146,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"img61.dongjiakg.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5f8dd00ca2af79443937819ff44454f8e0e11466b0b5535b1_284_284_5.jpg","fqdn":"img61.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.150Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5f8dd00ca2af79443937819ff44454f8e0e11466b0b5535b1_284_284_5.jpg HTTP/1.1\r\nHost: img61.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5f8dd00ca2af79443937819ff44454f8e0e11466b0b5535b1_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":679,"timings":{"blocked":369,"dns":0,"connect":128,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d55ddebf2c66c4c1f704aa09d5a7496022cbedebc76544fdfd_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.928Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d55ddebf2c66c4c1f704aa09d5a7496022cbedebc76544fdfd_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/nav_line.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.019Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/nav_line.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/skins/234577/Css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/nav_line.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":153,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":149,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.dongjiakg.com/mystat.aspx?u=jnhengzhun","fqdn":"www.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.016Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /mystat.aspx?u=jnhengzhun HTTP/1.1\r\nHost: www.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":5,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/banner1.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.171Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/banner1.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/banner1.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":151,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/Skins/234577/images/qq1.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.152Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/qq1.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/Skins/234577/images/qq1.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":658,"timings":{"blocked":485,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/Skins/234577/images/ewm.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.976Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/ewm.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/arrows1.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.357Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/arrows1.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img61.dongjiakg.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d572ae029757a3b813ac37c1b1e1c59ad54ea2361215b1fdfb_284_284_5.jpg","fqdn":"img61.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.136Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d572ae029757a3b813ac37c1b1e1c59ad54ea2361215b1fdfb_284_284_5.jpg HTTP/1.1\r\nHost: img61.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d572ae029757a3b813ac37c1b1e1c59ad54ea2361215b1fdfb_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":688,"timings":{"blocked":371,"dns":0,"connect":128,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img79.dongjiakg.com/gxhpic_81815bbd64/ca7ba1f0caefaac770645fcee91fb34720f8fb0ca24d2a9f365c91fac63ad0a469331e605078d30c_284_284_5.png","fqdn":"img79.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.140Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/ca7ba1f0caefaac770645fcee91fb34720f8fb0ca24d2a9f365c91fac63ad0a469331e605078d30c_284_284_5.png HTTP/1.1\r\nHost: img79.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/ca7ba1f0caefaac770645fcee91fb34720f8fb0ca24d2a9f365c91fac63ad0a469331e605078d30c_284_284_5.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":684,"timings":{"blocked":354,"dns":1,"connect":129,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/Images/logo.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.987Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/Images/logo.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1455,"timings":{"blocked":1163,"dns":0,"connect":0,"send":0,"wait":291,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"hm.baidu.com/h.js?7d9a8f91cbe824f1a01483a7ca96a686","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.288Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /h.js?7d9a8f91cbe824f1a01483a7ca96a686 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/vinb9ufmfncf975y9rvx382nt7h7123khi4lo6kk.gif","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 May 2026 03:24:08 GMT","end":"Mon, 17 Aug 2026 03:24:07 GMT"},"fingerprint":{"sha1":"B6:3F:61:9D:53:2C:33:DE:9F:F8:0D:92:E5:69:18:C3:3C:1A:49:DA","sha256":"B6:62:DF:F2:FE:DF:37:97:96:0A:06:4D:EC:8F:FF:C6:94:B8:44:DC:85:68:2F:0D:7C:31:3B:12:CA:63:29:B5"}}},"request":{"raw":"GET /uploads/vinb9ufmfncf975y9rvx382nt7h7123khi4lo6kk.gif HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:14 GMT\r\nContent-Type: image/gif\r\nContent-Length: 214316\r\nLast-Modified: Thu, 14 Nov 2019 06:29:46 GMT\r\nConnection: keep-alive\r\nETag: \"5dccf45a-3452c\"\r\nExpires: Thu, 02 Jul 2026 08:30:14 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":214316,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Adobe Photoshop CC 2014 (Windows), datetime=2019-09-30T17:50:59+08:00], progressive, precision 8, 1020x255, components 3","md5":"8fbc123b4636b3c9a8f1411c160a9e99","sha1":"48f62c4c22122a04026a1e329bccce93fc7aae77","sha256":"69f497a64f8dab090cb547e5f9063b1c33d0d8fc87573f87eff1016fb2d4dad5","sha512":"821f26949d9b21304202d7cd0945a3351e3420ebba3d129b6111176978e3a5ba1e4135a963042eaa59be817cf02182f8761c7a0ba2fd9271c4b53304d69a3671","ssdeep":"6144:p5K6mEbeWe5b5/AT6dvesgRvyNlbc+6cKO90asTGIo5lj:u6tbeWe59oudvpg5yPblXKUIGlj","tlshash":"cb24130bfa57e081d29a4db4c077677cdc4f8b56aaa4563ae66c2c2cc7d05c3b0ad246","first_seen":"2023-05-06T09:40:17Z","last_seen":"2026-06-07T06:12:34.779135Z","times_seen":2058,"resource_available":false,"data":null}},"time_used":1963,"timings":{"blocked":-1,"dns":21,"connect":260,"send":0,"wait":510,"receive":623,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/jquery.SuperSlide.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.114Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/js/jquery.SuperSlide.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17372,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7554)","md5":"8baa5c167d403d1245abe1193d765c3f","sha1":"59ec699737cf22106cda8092ca15e4142e272970","sha256":"98bfc9c9ffafe0f52bda61796a4a21c3ca2737061cad8cafdb34a198f6ea6109","sha512":"b30e3c27f1965b80a1785146cb80d6b249ccd522dd00aa36f843eafbc34976c104ec570b050eb31b3e6f5ceeafadf5f66ee4bf226626e7777cc5a38cb9a8d834","ssdeep":"192:5F4KrJkbCsk866psF+si7VRRL7jOf7sftQAYB/FvSgRgibNEVp/AtikM590JTIeo:sb1K6psx/Fg4Up/41TIeCkKoc","tlshash":"1472c619e32c9999e4eb32f5189f458d383f4133ce0289913a9cd9945be5618b23bb7c","first_seen":"2024-08-20T17:00:28.351767Z","last_seen":"2026-06-05T15:31:35.507537Z","times_seen":23,"resource_available":true,"data":null}},"time_used":382,"timings":{"blocked":102,"dns":0,"connect":128,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chat.dongjiakg.com/chat/KFCenterBox/234577","fqdn":"chat.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.118Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /chat/KFCenterBox/234577 HTTP/1.1\r\nHost: chat.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":129,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.dongjiakg.com/mystat.aspx?u=jnhengzhun","fqdn":"www.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.124Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /mystat.aspx?u=jnhengzhun HTTP/1.1\r\nHost: www.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":28,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/Skins/234577/images/ewm.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.156Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/ewm.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/Skins/234577/images/ewm.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":802,"timings":{"blocked":644,"dns":0,"connect":0,"send":0,"wait":157,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/Skins/234577/js/qq.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.158Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/js/qq.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1464,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"eaf13e93011880bf8e0891a82bdc283b","sha1":"d2a8d9f0afd8031074a8da67a6bdf46f51761edb","sha256":"dbf2017b93e3d67efbc8380858af7413c0fb0609491fae55ffce82c1be8f23dc","sha512":"07b5a34367ce85579f7b70cbdc89621268b98a3951b8e7092f5cf9f02d2681c582dd8e703d7890937ee55a8862c52eb818969e4a498674088a543e75d363685b","ssdeep":"","tlshash":"5131bcd8f78e152150b1b2bd893fd7cc713e1023b853a867ac6d84b808f967b1325d98","first_seen":"2023-08-05T07:44:19Z","last_seen":"2026-06-06T19:29:46.292248Z","times_seen":103,"resource_available":true,"data":null}},"time_used":359,"timings":{"blocked":214,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/Skins/234577/images/addr.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.979Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/addr.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/abg.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.205Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/abg.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/skins/234577/Css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/abg.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"api.share.baidu.com/s.gif?l=http://gkbci29u.dongjiakg.com/","fqdn":"api.share.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.564Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /s.gif?l=http://gkbci29u.dongjiakg.com/ HTTP/1.1\r\nHost: api.share.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":561,"timings":{"blocked":280,"dns":7,"connect":274,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img77.dongjiakg.com/gxhpic_81815bbd64/62b67f438055e754eef8ec5053ed8ba27c935c8e56ae84e2e7f0186e692e8b3c1bfd93997d0b1fd8_284_284_5.jpg","fqdn":"img77.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.141Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/62b67f438055e754eef8ec5053ed8ba27c935c8e56ae84e2e7f0186e692e8b3c1bfd93997d0b1fd8_284_284_5.jpg HTTP/1.1\r\nHost: img77.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/62b67f438055e754eef8ec5053ed8ba27c935c8e56ae84e2e7f0186e692e8b3c1bfd93997d0b1fd8_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":670,"timings":{"blocked":353,"dns":1,"connect":128,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/aCont.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.146Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/aCont.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/aCont.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":493,"timings":{"blocked":349,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/Skins/234577/images/addr.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.155Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/addr.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/Skins/234577/images/addr.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":804,"timings":{"blocked":647,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d59ddf94ee44cc96e3d9682356b748cff4287ffc4db47cc245_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.877Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d59ddf94ee44cc96e3d9682356b748cff4287ffc4db47cc245_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":2145,"timings":{"blocked":2145,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5ded1150022196b79abf50d545e077317442214da1ad2ec80_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.910Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5ded1150022196b79abf50d545e077317442214da1ad2ec80_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":2055,"timings":{"blocked":2055,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/ewm.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.978Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/ewm.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/line1.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.984Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/line1.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1620,"timings":{"blocked":1281,"dns":0,"connect":0,"send":0,"wait":338,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/Send.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.296Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/Send.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d572ae029757a3b813ac37c1b1e1c59ad54ea2361215b1fdfb_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.912Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d572ae029757a3b813ac37c1b1e1c59ad54ea2361215b1fdfb_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1672,"timings":{"blocked":1338,"dns":0,"connect":0,"send":0,"wait":334,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/ariblk.ttf","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.258Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/ariblk.ttf HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/skins/234577/Css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":166030,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"TrueType Font data, digitally signed, 22 tables, 1st \"DSIG\", name offset 0x87230002","md5":"592906d66f3adee1d266f645b48ac480","sha1":"291f78480199faeb891dc3bcb15732b3fefbf316","sha256":"ab732a5146ea6d5f049368d08a193be58bf2ad3c494e4a6a9982dcc52a341d9f","sha512":"8859c0c4a0ea3fbb6a51fad8d2427a5588f11d273e85b25929902140e3dd28b73c339ccd1cca1db5b1dd247dad1b774bf4a4578e5e39c0ce203f141e2bb93cd3","ssdeep":"3072:6SuoAn840NBN0L9ysMUnyzaxL+0NWwo6Ol2/AZ:60+yBN0pyfLzG7YMOlD","tlshash":"9a144a23e7813b0ad2b3177c4e7896d16399f50afea38788d10d8521c6ce678ba5c74d","first_seen":"2025-06-07T12:49:43.569161Z","last_seen":"2026-06-06T19:29:46.297765Z","times_seen":12,"resource_available":false,"data":null}},"time_used":410,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":263,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/banner2.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.353Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/banner2.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/arrows2.png","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.364Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/arrows2.png HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":522,"timings":{"blocked":232,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"img66.dongjiakg.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5e6163aa21bc05f78d8d5cf9c4dc7410802da1e9cc11ecc58_284_284_5.jpg","fqdn":"img66.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.138Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5e6163aa21bc05f78d8d5cf9c4dc7410802da1e9cc11ecc58_284_284_5.jpg HTTP/1.1\r\nHost: img66.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/gxhpic_81815bbd64/aff6d13c7814f8b688e207128cd297d5e6163aa21bc05f78d8d5cf9c4dc7410802da1e9cc11ecc58_284_284_5.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":356,"dns":1,"connect":129,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/cf2.jpg","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.147Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/cf2.jpg HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/cf2.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":654,"timings":{"blocked":473,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/cf2.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.825Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/cf2.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1649,"timings":{"blocked":1355,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc975b8202caa2a112acd95d92bdf7b099948fd7e6c48c1b526_284_284_5.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.914Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /gxhpic_81815bbd64/62b67f438055e754ecf537370a811bc975b8202caa2a112acd95d92bdf7b099948fd7e6c48c1b526_284_284_5.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":1983,"timings":{"blocked":1983,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.zhanzhang.baidu.com/push.js","fqdn":"push.zhanzhang.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"180.101.212.103","port":80,"asn":134770,"as":"CHINANET Jiangsu province Suzhou taihu IDC network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.002Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /push.js HTTP/1.1\r\nHost: push.zhanzhang.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nContent-Length: 232\r\nContent-Type: text/javascript\r\nServer: bfe\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":281,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"1bb5a3267c9865ad4abe8d937734b62b","sha1":"b5478dd2edb3e64242eced1db2dbd945ef81f592","sha256":"674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2","sha512":"33318ed944a49a8fa334983408d68853b1fbe4f80b19adef6235f23d7708b616cd4f8dd28c8b8ebfbb5776aab8088229f3060cd789af34fe1db5038a98bd0d39","ssdeep":"","tlshash":"91d02be874a0c41c0ce710b17fab328cfab20b2755244d40c05b90013614b1f824bfe9","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-06-07T08:13:41.741096Z","times_seen":24431,"resource_available":true,"data":null}},"time_used":537,"timings":{"blocked":-1,"dns":1,"connect":266,"send":0,"wait":269,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/images/arrows2.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.191Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/arrows2.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/skins/234577/Css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/skins/234577/images/arrows2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.hzsysb.com/skins/234577/images/banner1.jpg","fqdn":"www.hzsysb.com","domain":"hzsysb.com","tld":"com"},"ip":{"addr":"47.104.145.44","port":80,"asn":37963,"as":"Hangzhou Alibaba Advertising Co.,Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:13.355Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/images/banner1.jpg HTTP/1.1\r\nHost: www.hzsysb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nServer: Tengine\r\nDate: Tue, 02 Jun 2026 08:30:13 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Tengine","description":"Tengine is a web server which is based on the Nginx HTTP server.","website":"https://tengine.taobao.org","common_platform_enumeration":"","icon":"Tengine.png","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":319,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/jquery.la.min.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.084Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.la.min.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:14 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 04 Mar 2026 05:00:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69a7bc52-4ba\"\r\nExpires: Tue, 02 Jun 2026 09:30:14 GMT\r\nCache-Control: max-age=3600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1210,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (554), with CRLF line terminators","md5":"80d4fa18ec76b19a28bc1e809a254f3a","sha1":"9b8cf317be1f86779e061ecb5526a6e2577e28fb","sha256":"b41465f0aed648314ea9a5b83fa0de21b54fc190103fb4525f880b481412816f","sha512":"6f4b75f748e32f37c4514dba6e474282724cdb695399c0077ab4101e7b01b5c8306648e0e1aeb01aa8a767d08e1a7b13f8274192bf3d0143092053eac596168b","ssdeep":"","tlshash":"e621fe8f7c05e2605b59396627b7edace9fd1032240adc0659eac0ac3c1aff80616b09","first_seen":"2024-02-07T10:19:18Z","last_seen":"2026-06-03T04:52:59.26568Z","times_seen":46,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/Skins/234577/images/email.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.153Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/email.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/Skins/234577/images/email.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":534,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/Skins/234577/images/fax.png","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.154Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /Skins/234577/images/fax.png HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: http://www.hzsysb.com/Skins/234577/images/fax.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T15:09:50.158129Z","times_seen":16214810,"resource_available":true,"data":null}},"time_used":657,"timings":{"blocked":485,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gkbci29u.dongjiakg.com/skins/234577/js/pt_js.js","fqdn":"gkbci29u.dongjiakg.com","domain":"dongjiakg.com","tld":"com"},"ip":{"addr":"104.206.250.27","port":80,"asn":62904,"as":"AS62904","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:11.161Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /skins/234577/js/pt_js.js HTTP/1.1\r\nHost: gkbci29u.dongjiakg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:11 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":768,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"09e1ae0527a6919e088065c0dd54b209","sha1":"73e829b2280d7cba8fa59ca188625bb242d83056","sha256":"49b782c74abac050892ccc704f946b496878b12279594f3ecb9de8cb6e74d1b5","sha512":"d1d4031184cb8ba1207dd3501b8ea95c7e4243792f0ddcdad0d2ed51c9b4f519cf10f87292c62e107cde48ccdb300257cff2671227ff2bc786012e5177827175","ssdeep":"","tlshash":"c401400ce664e97450ff356b2635e488ed455a43e28e8491f87fa1b18ed8108f713e4d","first_seen":"2025-05-11T21:45:29.442994Z","last_seen":"2026-06-06T19:29:46.300123Z","times_seen":43,"resource_available":true,"data":null}},"time_used":463,"timings":{"blocked":320,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"gkbci29u.dongjiakg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-02","alert":"Phishing Block","trigger":"gkbci29u.dongjiakg.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/9ac8ygliapz5ww4p3uuacykkfhn6am4w6t6hqand.png","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 May 2026 03:24:08 GMT","end":"Mon, 17 Aug 2026 03:24:07 GMT"},"fingerprint":{"sha1":"B6:3F:61:9D:53:2C:33:DE:9F:F8:0D:92:E5:69:18:C3:3C:1A:49:DA","sha256":"B6:62:DF:F2:FE:DF:37:97:96:0A:06:4D:EC:8F:FF:C6:94:B8:44:DC:85:68:2F:0D:7C:31:3B:12:CA:63:29:B5"}}},"request":{"raw":"GET /uploads/9ac8ygliapz5ww4p3uuacykkfhn6am4w6t6hqand.png HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 178073\r\nLast-Modified: Fri, 14 Jun 2024 06:35:05 GMT\r\nConnection: keep-alive\r\nETag: \"666be499-2b799\"\r\nExpires: Thu, 02 Jul 2026 08:30:15 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":178073,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1000 x 200","md5":"f10b57811b5cbd80cc2adb677fcbe3e2","sha1":"9c566090638bacef4fb11e5ce3798f6162f52770","sha256":"f4d197904303977c5b8764801ab45de427c7ea38e212e9e158aff5b3bdad6473","sha512":"f3665bcd909bba365acb53d64a6e95d2e1212eaf4f1f8a31419611e1d9a839366f058b9014caa35a429e8492643d49ea7937afce230f8fae1846317ab0a92893","ssdeep":"3072:kmOFOk0AYABeHXNScStRzJmQ3aNIYlmwLs6CLWBOcV8u2OPvr8qFw8Y79C6vaQgL:1AboHXNXStRzAUauwLaLWBOW7hw8elGV","tlshash":"4c0412697de7e838c12bd8d7c2cc57984810cc7c929d4023a6a74d406a77af2ce8d7ca","first_seen":"2024-02-16T22:50:56Z","last_seen":"2026-06-07T06:12:34.766624Z","times_seen":1141,"resource_available":false,"data":null}},"time_used":7463,"timings":{"blocked":857,"dns":27,"connect":254,"send":0,"wait":526,"receive":5199,"ssl":593},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/zdxu27gbnptd1nlnoezm734xiww2lz8gs5rh881c.gif","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 May 2026 03:24:08 GMT","end":"Mon, 17 Aug 2026 03:24:07 GMT"},"fingerprint":{"sha1":"B6:3F:61:9D:53:2C:33:DE:9F:F8:0D:92:E5:69:18:C3:3C:1A:49:DA","sha256":"B6:62:DF:F2:FE:DF:37:97:96:0A:06:4D:EC:8F:FF:C6:94:B8:44:DC:85:68:2F:0D:7C:31:3B:12:CA:63:29:B5"}}},"request":{"raw":"GET /uploads/zdxu27gbnptd1nlnoezm734xiww2lz8gs5rh881c.gif HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:15 GMT\r\nContent-Type: image/gif\r\nContent-Length: 36274\r\nLast-Modified: Wed, 19 Feb 2020 07:01:50 GMT\r\nConnection: keep-alive\r\nETag: \"5e4cdd5e-8db2\"\r\nExpires: Thu, 02 Jul 2026 08:30:15 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36274,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1000x200, components 3","md5":"7e5d039a1efc18bb7bea97fd777c69af","sha1":"68ef09f74077052dcb97d54c3223d60b3cc8b571","sha256":"49f4dac0c9655023462733d66e03a78de44377c97c6e1c78347a571f93696ba5","sha512":"eb933bd838dfa2cb7b6b4d78b9675ab1243290dba4ab65c49e15ed82e51c10264cc1217ca042cb4d4589c9335f3e03b35788f7c5e982170352fe6c33ffc1cffd","ssdeep":"768:HqqTTVl/XyWz5/SfYem+xeUFFXEBYj5GEeseg5mT25HFwSCJvu0us:Kql5d1iX58UaYXr62X/yvu0us","tlshash":"3df2e1a4a7d09c6cc76715ffdb37f6f0270194709874227a8b982a681d38cf1cae2795","first_seen":"2023-05-06T09:40:17Z","last_seen":"2026-06-07T06:12:34.774385Z","times_seen":1729,"resource_available":false,"data":null}},"time_used":2225,"timings":{"blocked":833,"dns":25,"connect":254,"send":0,"wait":526,"receive":10,"ssl":568},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tp.xinxiyidiantong.com:5868/uploads/uqpu1x4t749lwvxkguwwsdova106pr.jpg","fqdn":"tp.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":5868,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://gkbci29u.dongjiakg.com/","date":"2026-06-02T08:30:14.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tp.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 May 2026 03:24:08 GMT","end":"Mon, 17 Aug 2026 03:24:07 GMT"},"fingerprint":{"sha1":"B6:3F:61:9D:53:2C:33:DE:9F:F8:0D:92:E5:69:18:C3:3C:1A:49:DA","sha256":"B6:62:DF:F2:FE:DF:37:97:96:0A:06:4D:EC:8F:FF:C6:94:B8:44:DC:85:68:2F:0D:7C:31:3B:12:CA:63:29:B5"}}},"request":{"raw":"GET /uploads/uqpu1x4t749lwvxkguwwsdova106pr.jpg HTTP/1.1\r\nHost: tp.xinxiyidiantong.com:5868\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://gkbci29u.dongjiakg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 02 Jun 2026 08:30:14 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 200943\r\nLast-Modified: Fri, 30 Sep 2022 18:42:07 GMT\r\nConnection: keep-alive\r\nETag: \"6337387f-310ef\"\r\nExpires: Thu, 02 Jul 2026 08:30:14 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":200943,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1000x200, components 3","md5":"93b5fd25fa34d9f1f81869e9aa56dda7","sha1":"dc51916e54c77eb33536ba9acb346fc1e86cbe62","sha256":"e612039673cad23b189f1b221bb32b9f8133ea1327fb12e3ea5ef4723606efb4","sha512":"31ebdd12f3bf07d18fb093b3ea7e3783f1242ad253c494413286a5c3403ac2c208904b3bfc067a4c8933628876507889b07fe23361818d2cf5d931139325cfde","ssdeep":"6144:e8qa7OrrWXdlKyAcrn9Y1OhN8zvJ20dJj6SI:4a7Oyd0ncm12kvj6SI","tlshash":"a91412342adb8aececd6b579af1017a6114b0df2d4499fd3c634a838967e20b0d5bd70","first_seen":"2023-05-06T09:40:17Z","last_seen":"2026-06-07T06:12:34.738588Z","times_seen":2275,"resource_available":false,"data":null}},"time_used":4817,"timings":{"blocked":825,"dns":24,"connect":260,"send":0,"wait":518,"receive":2627,"ssl":551},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}