{"report_id":"8fea1b9e-eeb2-4766-b332-882691581112","version":6,"status":"done","tags":[],"date":"2026-04-16T14:48:08Z","url":{"schema":"http","addr":"gzsycfz.com","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":0,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"gzsycfz.com/","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"title":"TK Store | buy, sell and discover on TK","dom":{"size":19369,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (414)","md5":"b4d1456a4293ae02586805c08b3eedf6","sha1":"d7923818182357f372ebd694c1a978152ab69396","sha256":"b4558c92c75a950e1082677146c103da5264a4727d4db9b97f1e2b0955e1cb52","sha512":"cacf459e473c9bf02559f7e28422278c1429d90427c7e29aed9b61e30effc24f134c1f5e2c2783555f35fa934212e7a5ec11a86babebb1fcf9d973e874336e84","ssdeep":"384:eN1utYFru4oAuZTpKqmPS3f0lyajOIRhVXX:eetYpu4JOFKxa8h11n","tlshash":"6b922f22a4f27073408382e26b312f6a7fe0d567d65a8244b5bc47985fd2d83dd2b52f","dom_hash":"domhash35570fda9201fb5ce2a350bcddbebd78","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gzsycfz.com","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":0,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-21T14:48:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-12T22:16:45.621325Z","alert_count":0,"request_count":5,"received_data":224647,"sent_data":2748,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gzsycfz.com","ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2021-12-23","domain_rank":0,"first_seen":"2026-04-16T05:27:38.748267Z","last_seen":"2026-04-16T05:27:39.969982Z","alert_count":130,"request_count":26,"received_data":3249390,"sent_data":11847,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Lodash","description":"Lodash is a JavaScript library which provides utility functions for common programming tasks using the functional programming paradigm.","website":"https://www.lodash.com","common_platform_enumeration":"cpe:2.3:a:lodash:lodash:*:*:*:*:*:*:*:*","icon":"Lodash.svg","categories":["JavaScript libraries"]}]},{"fqdn":"sf16-va.tiktokcdn.com","ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2017-09-20","domain_rank":76103,"first_seen":"2020-09-03T03:29:30Z","last_seen":"2026-04-10T02:26:03.602055Z","alert_count":0,"request_count":13,"received_data":5543472,"sent_data":6991,"comment":"","tags":null,"fingerprints":null},{"fqdn":"p16-oec-sg.ibyteimg.com","ip":{"addr":"23.36.77.48","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2019-07-19","domain_rank":45551,"first_seen":"2021-12-22T12:54:34Z","last_seen":"2026-04-13T06:45:14.115307Z","alert_count":0,"request_count":3,"received_data":17951,"sent_data":1566,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-12T22:20:19.752051Z","alert_count":0,"request_count":1,"received_data":26436,"sent_data":509,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gzsycfz.com/","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"3f2de9ed709e29e3509f3eea98bafdc2","sha1":"a08c2364e3f6c789eb014d40266d1994cba99856","sha256":"30baa5633e9b614710a71bd2cf669a0df94d6689fc76d1ee5b2807424e7939a0","sha512":"4c5298b0d3c77fd586f460883ac985b000b79e68a3f57b0360950afd9e6e8dcc625c2085539ed1d5c5a9e8c7fa24cd9d1187e3e668ea2e9e47ac329be5e42b44","ssdeep":"","tlshash":"0fe0223b27a530728033b1bd9bdfa2803831104b3401c91b3d5e9b840f40a402af38ba","size":422,"data":"","first_seen":"2025-08-09T01:18:23.975133Z","last_seen":"2026-04-21T20:01:16.394723Z","times_seen":117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-arco.afd3802c.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"66296ae08db9dce0b0ec23e84f1cfa82","sha1":"bbfb60f99fc2b9d2cd418c0ef49790688f83d47b","sha256":"4167eb82e602d4d57bf9d4c41cfd52696be67c0e53cf870b1a48ddbe76847cb5","sha512":"78f0bb30c14c0471032453920e4dce8674bad7f260839843e3892e659e9bf04528767e6eeb6d506535cee8af6595546886318bb95369f8787ad21512749cd373","ssdeep":"3072:IgXb9MtoaJJAtDW6Wu8HI83tcWJpaWJA9H2LvVbEmpNkcsQREkjFNdIw0XhJsBk:e337JpaWJA9H2LvVbn9sQREkuw8ek","tlshash":"13542dd87254b0a593fb41b6803f180ef33b361cb8398d50e2b5e8d474a5649a52bfbd","size":295368,"data":"","first_seen":"2024-09-28T07:23:58.35934Z","last_seen":"2026-04-22T12:22:42.013756Z","times_seen":583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-lodash.bf84b211.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6be4803af01cf9e16ddf93fb04a1db72","sha1":"0487ddef043cdb2e15e9bf5c599134f35a166ce1","sha256":"853623d58dedcd9a5e536bef349e9ff83dded42d4b1dd2fbab7fe601bb28626e","sha512":"ca190dab6ce3f636419cb5d23cb65d4948126e212756d9f05e6dd2702b09689488b5059277b32ff31d7b1497205804278f77f2f996c4608544322aa3686f71a6","ssdeep":"1536:52fmxNB/M6lzihdLUVnCsmdaKWsq5l1frkn9c/pn4QJn9pyHX:vPadIVlKWHDeCpL9pM","tlshash":"f09393c9bad3f05943a77860402f040bf23e6e54a88e9594d262e4dcbcbc55ee177f1a","size":95095,"data":"","first_seen":"2024-09-28T07:23:58.446746Z","last_seen":"2026-04-22T12:22:42.04977Z","times_seen":584,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-polyfill.144bde91.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d409a82f1fd1ccdb4146719442dc76f","sha1":"513830bb776dc7f35be3c4259dabcac2b5c3aab8","sha256":"c5425790d0cba801d53c4e17a27acb6897f5b3908397ef6f803140dfb408b003","sha512":"806134eebc7ff56dfaf3e8d0ba7089aba86c57599e490edcb5b87221b7598aa2a35587a5b12443b2ed14acd0c66d9ba8c6e0ab1c787a984e9e8ab49a02774e78","ssdeep":"3072:la0q8CJLo4Mhy7a2O+MqOTkhMaJt+iFjvGW:m8YwhycmjjvGW","tlshash":"dd34b988b292f0e64bf264d4407f8407f1771a64a44da851ffa1d884687bd4fb07babd","size":247143,"data":"","first_seen":"2024-09-28T07:23:58.455437Z","last_seen":"2026-04-22T12:22:42.047506Z","times_seen":581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-axios.de405cb7.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"44cbfad9b61a51d2124298a49b29c009","sha1":"7443225d2d6bbd323ba0ba811cc2de7f2230d3a3","sha256":"55a2f4274446416598c3b4cee096005842f8529f232507aea4336b04ca1d22a1","sha512":"a0c4762905258d7f6f12285601e915d4fe9214fcfe4dbc95671b50ddb438a69bd28144767351ad9fac6a5e3be171417fe8694d7769952eb37da74d25af57e997","ssdeep":"384:DzdycsDmxm7PX9OWOUtpefXrdZ5BKm4gmZtxR0Ywe7W5EjU7Fh5yk0:DRy7MIVuIpeiBZDt+50","tlshash":"4692fac9b9a0f07547a321f4806f590bf3775529a44d84a0fb50e8e62cb890e873bf6d","size":19792,"data":"","first_seen":"2024-09-28T07:23:58.465686Z","last_seen":"2026-04-22T12:22:42.051613Z","times_seen":583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-router.706221fa.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"33e7cf1528a483f0c3d9da77a9935747","sha1":"162b9616fa767dd4ec7b64c157e859099782a87f","sha256":"7ee5d4c6a5b6b9013b91f3a7b74dfde9c03b70859bc5e64506984bc75276e990","sha512":"bc7d36a6232b763e6d808690bc07b3a4c9e87caa203a191675e996d560c355575b98b175cfdeea606c9f232c7573680bef1793e6c44c19f33b63d13710ff3103","ssdeep":"768:OK3cu7mmtBYfQoN0C3N3X6gL58s97iG3hfQKfg7g:XcuPC0CNqgL5CKoM","tlshash":"a733f9fab641b0665bfb03e6c0bb0125e3796dda206a4415b298ec4e3074d4da377f39","size":54278,"data":"","first_seen":"2024-09-28T07:23:58.450437Z","last_seen":"2026-04-22T12:22:42.044122Z","times_seen":581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/main.a0906336.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"34c65ea5f113504cce2d321b961ecdb9","sha1":"08452295b557781bdb2c040bfd8af380f3d0382e","sha256":"bf5826fc56e122bba36429ed692b35c5ca3502f1946adb91901a7eb86becbab4","sha512":"ce29cfa7520bd62e82f7ae4af90ecf259ecc2df46ff3a2378b1e76ad5b8061d9cb271c0cc70e0d193768aa7d914e7e5e9c533bfd83dd00b1e83a3213bd0ab781","ssdeep":"384:5Llw/fc/7T6EsqjFx7TsvirLWtY8x0r8X2iw+fq3coaQXgpJhA:5LO3c/7TsqBe68x0r8X2iwMq3cJi","tlshash":"76520cb6c04138bf2e8e0a84500e3ebaacad5ecf916d7570955c68ddb144af7bc0dac4","size":13686,"data":"","first_seen":"2024-09-28T07:23:58.371454Z","last_seen":"2026-04-22T12:22:42.032815Z","times_seen":578,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-react.235b4836.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c194b12793a2436efb1f3ce1c674b69","sha1":"2bc65388297613de6cc4622a771e5e001f2d95bc","sha256":"181d18351e54581117e789445bcaa5d7477257c510189767d4d3e04c56bed549","sha512":"da45dc947f923d79a04277c08f915f575fe3a573a8dd4a1c92caf693c74110db65ca697c9af4722412691ed7659732ca9d34fcf2771d378cc2391a7dfe507ca4","ssdeep":"1536:Wv4kq5k79fohxQlV0vMYbAJnfMhnia9Toy7U6SLdl8eIUZQeY:WVX0OnEboy7U6S72eY","tlshash":"79d306e83996f5516ab7126700ef1807733c1a1b280c89a0a615fd8e75f842eb17bfdd","size":140018,"data":"","first_seen":"2024-09-28T07:23:58.462117Z","last_seen":"2026-04-22T12:22:42.005536Z","times_seen":582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/83.97401b30.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9645b1f5ab1bf07083a13d39627de505","sha1":"74262c4077855e038042a7b30a61515811f247dd","sha256":"b442a68ba589101ee961131f60e5ff500213799774f9b510e892726a7c83ccea","sha512":"c6d68587d9ea87d2a2cb51eb0d7a1ee26c13ad30a6d35df9a05ef5ec1e33efdc088e6c4ca362f9084e099841b35d15492011a137134551fb9fe877d4960fcdc9","ssdeep":"6144:DRHbIYnZo0nf6lg9bPmEOuOcxOkuKoE+oZS:D1UY60Ci9bPpOWTYEtg","tlshash":"86b43acdb299702503e364b9903f110ab33a2a58744dc028f575e9e56cb994ea33bf7c","size":530518,"data":"","first_seen":"2025-01-28T12:57:32.280556Z","last_seen":"2026-04-22T12:22:42.025156Z","times_seen":537,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:43.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gzsycfz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Apr 2026 00:37:47 GMT\r\nexpires: Mon, 12 Apr 2027 00:37:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396596\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-23T15:14:48.712871Z","times_seen":219793,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":113,"dns":0,"connect":20,"send":0,"wait":16,"receive":3,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-axios.de405cb7.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/js/lib-axios.de405cb7.js HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"19792-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19792,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19792), with no line terminators","md5":"44cbfad9b61a51d2124298a49b29c009","sha1":"7443225d2d6bbd323ba0ba811cc2de7f2230d3a3","sha256":"55a2f4274446416598c3b4cee096005842f8529f232507aea4336b04ca1d22a1","sha512":"a0c4762905258d7f6f12285601e915d4fe9214fcfe4dbc95671b50ddb438a69bd28144767351ad9fac6a5e3be171417fe8694d7769952eb37da74d25af57e997","ssdeep":"384:DzdycsDmxm7PX9OWOUtpefXrdZ5BKm4gmZtxR0Ywe7W5EjU7Fh5yk0:DRy7MIVuIpeiBZDt+50","tlshash":"4692fac9b9a0f07547a321f4806f590bf3775529a44d84a0fb50e8e62cb890e873bf6d","first_seen":"2024-09-28T07:23:58.465686Z","last_seen":"2026-04-22T12:22:42.051613Z","times_seen":583,"resource_available":true,"data":null}},"time_used":1060,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1060,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/shoptab.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/shoptab.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 171745\r\naccept-ranges: bytes\r\ncontent-md5: NSGUpPbKJ+LOAt0oOQE7zg==\r\netag: \"352194a4f6ca27e2ce02dd2839013bce\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 803c5b795e8d8cc869795e8d-fdbdgdc61g18g173gg48\r\nx-tos-response-time: Wed, 28 Jan 2026 00:55:41 GMT\r\nx-request-ip: fdbd:dc61:14:455::132\r\nx-response-cinfo: fdbd:dc61:14:455::132\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 0169d1462f44bc8e179f39259326114848bd70099c168ee53d110cbae14f7917f276c8714abc553f7ce89432c0237d4ba59001d316385ec4573ded602f8d879321b479449901b950460f8fc54ae19d7b51ea88733dcbdd800dd067a5b4ffbe8dda1650c010939de73c543de1cf58797fa4498ba1f8b44ef49d02a15521afa387d9\r\nx-tt-trace-id: 00-260128105449230D994DB7998FEE8655-07ED18DD74054E29-00\r\nserver: TLB\r\nx-tt-logid: 20260128105449230D994DB7998FEE8655\r\nx-akamai-request-id: 415d236.117e5edc\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-94.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, inner; dur=1\r\nx-parent-response-time: 4,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":171745,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 542 x 962, 8-bit colormap, non-interlaced","md5":"352194a4f6ca27e2ce02dd2839013bce","sha1":"d0eba6e3b449d805b79022de363dd0fc9c0f4bcd","sha256":"ecf350ce1e8df5d2827513c7969c3939af605da252e20179af6d3a9549700ea1","sha512":"46cc8929bf766ce1f320fbe5bac76830c1aefaed05e12a1296f1b3dfd1b050a5a5adf2fe5193b246a582047dea5ea947bcbd7b1241dae1b8164f09264c4147a1","ssdeep":"3072:vQ4SRDBViICeRHScdN4ufv1cc/bJJhOU3iqo+7kcU808upjQYG56mcNSAMRF9aa:vzSRD7/Cex9z4yOobPY8iqockn8lu9QF","tlshash":"0cf313a0e6c3b58675933eda4ece1e0b294674d1ad33ac61253b7a11054ce39b93ff02","first_seen":"2025-01-28T12:57:32.24007Z","last_seen":"2026-04-22T12:22:42.033302Z","times_seen":575,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":67,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/4202b536750c4d449cce93685d24f50d.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/4202b536750c4d449cce93685d24f50d.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\netag: W/\"591-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 4-bit colormap, non-interlaced","md5":"f29ec15e3d82a755e8bde79c5e6d1b43","sha1":"634f499e156acf22a7615fe4267bc6a5fb9d128c","sha256":"3db1a67ad8b7d0fd12aa7c089be930cb96d2fd23cb37a253f0364dd4bbd0b811","sha512":"d798d4e9a1376c91f6897bea78fbe0fe872c1c3b84589b7e99d390d21124112bb4c7994814d812b7de7e3d4e9786987dfccbdce16739abce9d7c043b66acb7e8","ssdeep":"","tlshash":"24f0b1c782203c3a0b82d5638d92460397323e381baa603284d1a6713a033e88e180bf","first_seen":"2025-01-28T12:57:32.331714Z","last_seen":"2026-04-22T12:22:42.025623Z","times_seen":559,"resource_available":false,"data":null}},"time_used":8528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1028,"receive":7500,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:43.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gzsycfz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Apr 2026 00:37:47 GMT\r\nexpires: Mon, 12 Apr 2027 00:37:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396596\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-23T15:14:48.712871Z","times_seen":219793,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":67,"dns":2,"connect":10,"send":0,"wait":9,"receive":10,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/tkmall-style.css","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /tkmall-style.css HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"15868-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15868,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (878), with CRLF line terminators","md5":"fbc87b8291af886d681ce5493a882502","sha1":"99b6521a6f5d07880dcfd60ef50c6c596021cd73","sha256":"763fe6cabd13638583d86760ca1dbcbbfc52668b338a9995ffa885eeb760ce45","sha512":"d456912e69f914272d3dbd20abec4bb0f6f26b4347bf411be38e61c77c512754482148b6f792a4768e023d20bd3a6a00ee7920ab2f20fdd4b093db2eea6f42d2","ssdeep":"192:o8GXZYACCiNbE0t5OqzAjo092LwRlXRJ699wQSC/+MLcmcD5:1SWxsscXRJ0Sdmc9","tlshash":"da62855c961191163137fbbcebe61b18b6608062df06036e7ff46049a3c56b88226fdd","first_seen":"2025-08-09T01:18:23.931321Z","last_seen":"2026-04-21T20:01:16.359771Z","times_seen":117,"resource_available":false,"data":null}},"time_used":1057,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1057,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/left.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/left.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"145246-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":145246,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 857, 8-bit colormap, non-interlaced","md5":"5c66fb7a1859ee23fda3294f6b14b618","sha1":"2cb5600288ddaaaa457d90b3ad103361ce0b7ba0","sha256":"4874b02eaf38eca66078cad985de493f7f14872d42317c46a50145ec74ebc897","sha512":"13891e91d4447fcd7dc1c06c8578c7df1c993b8483b8d4ab3e408e9c009af5e3a3ce7d7c2a92acda2fbc975f6b92ae8fb41eed1bba49ea80e1a5b9bd402ba834","ssdeep":"3072:ziEtf/vcSa6jREJVDqdk2OUPAZtZafGsIz6P47Ed8LSO0t9p:mEtPXFWjqXOftZMUmSE+Sdt9p","tlshash":"b9e313c0e112151ec29efde11eed4c77986a350ef6198ac6dc054b278df3f4289d1a7a","first_seen":"2024-11-19T07:54:21.395524Z","last_seen":"2026-04-22T12:22:42.022076Z","times_seen":494,"resource_available":false,"data":null}},"time_used":1055,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1055,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/shopHolder.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/shopHolder.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 197265\r\naccept-ranges: bytes\r\ncontent-md5: wlhsASDBfawYQKzg1MOXpQ==\r\netag: \"c2586c0120c17dac1840ace0d4c397a5\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-tos-request-id: 564ea0ca5608ca5f68ca5608-ade5a95\r\nx-tos-response-time: Wed, 17 Sep 2025 06:32:40 GMT\r\nx-request-ip: fdbd:dc61:b:277::12\r\nx-response-cinfo: fdbd:dc61:b:277::12\r\nx-response-cache: miss\r\nx-tt-trace-host: 0196ba2b50e2ceb1fe2146f024ed5efe38bf0bd1503e20f57744d7eeff73444882bcc2e41f9029061791c66cee3446a771a76ab4c7b3f79319ad37881b3e57add5a034029f3e980731afce7a4c956aa384edc98fa19137017a087977850b22bfc15837627791a1875bfcea635fc6d9cc25\r\nx-tt-trace-id: 00-25091714324042E217F66C90429C4DE5-04452DC805339CAA-00\r\nserver: TLB\r\nx-tt-logid: 2025091714324042E217F66C90429C4DE5\r\nx-akamai-request-id: 49c0080.117e5ef0\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-28.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (A)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=109\r\nx-parent-response-time: 3,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":197265,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 564 x 999, 8-bit colormap, non-interlaced","md5":"c2586c0120c17dac1840ace0d4c397a5","sha1":"bd0383f9f1176b9d005b22d0cb793d5b76b096d8","sha256":"4cf9c584174b0ee786aad0e4dd112f3c1c9cbea6415255fa65646bf343d12ed6","sha512":"f8e64f99775f9091f6ca35adb5c8eff42e0bb53b8afdf05dc31ceae5c68492cea6a74d1fc4b367c4e0d903ea6c3db8d29df29fa2fbeed8280d416550a21a8ca3","ssdeep":"3072:/0i7Ob1hznckX4bgdA9qKF/I511lPbc/nDGiBGyTcXCEBm+pd9B5dEynoW5y:X7ORP/dA1Fg51LPbc/nJUrBl9B5W","tlshash":"e1141211f632e558db2226cbedc6d84430676a0343577ea0d790d8fe259847e14caf6e","first_seen":"2025-01-28T12:57:32.242925Z","last_seen":"2026-04-22T12:22:42.024128Z","times_seen":575,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":182,"dns":0,"connect":0,"send":0,"wait":30,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Shoppable_video.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Shoppable_video.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: /HGrKb5Yc5aqaisvFTjb4g==\r\netag: \"fc71ab29be587396aa6a2b2f1538dbe2\"\r\nlast-modified: Tue, 27 May 2025 06:41:37 GMT\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-tos-request-id: 9a56fd3be79496a9683be794-abf3845\r\nx-tos-response-time: Sun, 01 Jun 2025 05:39:32 GMT\r\nx-request-ip: fdbd:dc61:10:287::142\r\nx-response-cinfo: fdbd:dc61:10:287::142\r\nx-response-cache: miss\r\nx-tt-trace-host: 019f4d56ef8772b527ff2e740eaf2429fd311f3b6b905bf43de616f45ce190e8e336fb8eb813e8b57e110836ea7ff8434f7f9161efdc0cbbba1812c713af4351da07c1157a65d432a3fdc3c966d4e4b3b492f7b5c6ffa4f527e63ee9909714ac03eb95e95cfe4ff77b3f6ec02b642f4e461d06379b219ddea0434864d294bc9e91\r\nx-tt-trace-id: 00-250601053931AD7E83F871D25BD3AC6E-6E570EA19DA2D1A1-00\r\nserver: TLB\r\nx-tt-logid: 20250601053931AD7E83F871D25BD3AC6E\r\nx-akamai-request-id: 1f258c0.117e5edb\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-range: bytes 0-821478/821479\r\ncontent-length: 821479\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_REFRESH_HIT from a2-22-55-52.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (S)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=20, origin; dur=0, inner; dur=108\r\nx-parent-response-time: 9,184.27.176.38, 15,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":786432,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"cefd48c26b283024e272d0bfb290861e","sha1":"3f9322a2d7c7185fb9ae05e18ec8bbff05d815c0","sha256":"4697cc5c8fa4dca29429bb34cc64dda7b38aaec90a4ce853577a0098d322da90","sha512":"8160aff7090b044cbb412dcc09600dd2e6e8cda4c001e72d673271d6f3ab485764bb82405fc09e9682a5385e0bc466c322b7579958de4c90b064b0a69fec6cd5","ssdeep":"12288:saLsdllXzVGJIgxwBoF2Cy5B3Y3BfU8q6+kIBhFJ1dgkgX2XtxSgPK5QNvlRm2:xsdvVGJ3wyFALhy+vxJ1n8aNK5im2","tlshash":"5df4236690c0077ec263a537ed27542d7dc8eefd6acd87e24126958b95ef08e3d11384","first_seen":"2025-06-01T11:33:46.933849Z","last_seen":"2026-04-16T14:48:17.498727Z","times_seen":19,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:43.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gzsycfz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Apr 2026 00:37:47 GMT\r\nexpires: Mon, 12 Apr 2027 00:37:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396596\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-04-23T15:14:48.712871Z","times_seen":219793,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":124,"dns":0,"connect":24,"send":0,"wait":10,"receive":6,"ssl":98},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-16T14:47:41.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"19354-1754492697000\"\r\nlast-modified: Wed, 06 Aug 2025 15:04:57 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Lodash","description":"Lodash is a JavaScript library which provides utility functions for common programming tasks using the functional programming paradigm.","website":"https://www.lodash.com","common_platform_enumeration":"cpe:2.3:a:lodash:lodash:*:*:*:*:*:*:*:*","icon":"Lodash.svg","categories":["JavaScript libraries"]}],"data":{"size":19354,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (414)","md5":"0989c2ff2355d6252b66459adb239a20","sha1":"fbf0412213450bb926579a39ca912d9d4f8b1e8a","sha256":"e0798c39e2ef75c5daacaba7ee627a1534863fd7a060020ae17eb9def4dfa51f","sha512":"224169b82b9793198e75a2a8073263c46453a52e8f2dbc6a97ff08f96fea6a8c4d578afedd28e07c2f3d2df3182c2db1ddbe475100fcc4065124ff722a332823","ssdeep":"192:8CRb21eQeRj0hXi6Mru4UifeipYi4e4Vmbi6Q0SPHCfd9q/+TqpuqqCajRvp:8m0eTBru4fN5p4mu4S6l9aW4hQP","tlshash":"d9926222a4f1b073409382e26b312b6b7fe0d597d65a8108b5bc43d85fd2d82dd2b56f","first_seen":"2025-08-09T01:18:23.960098Z","last_seen":"2026-04-21T20:01:16.364074Z","times_seen":105,"resource_available":true,"data":null}},"time_used":1154,"timings":{"blocked":472,"dns":46,"connect":207,"send":0,"wait":210,"receive":0,"ssl":216},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/c66126ce696f4672af7d698e0f3d61cb.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/c66126ce696f4672af7d698e0f3d61cb.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"4430-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4430,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"6acc5ea63480977112e33d4e21c4cbef","sha1":"692bbadde81ff9b82b0343fa4c05dc82ad076cdd","sha256":"ea7e56e5af17e18a1e12e514e32a3ef40928d522aeb031f1388c2d9d7796f515","sha512":"2fc39f0266ca57bec9808ca8e074c3fe6e823422ad950d896e4b66df066ca5dc80ed991796bee82acd0388a206fc470404c4068a82776f6406872bb3e1878ea2","ssdeep":"96:17vXZylQIxi/7YSvkYjYBQi1E3z5Opfgqgz3q85dze:1LXolQIxizsYp9+fgqR8DC","tlshash":"2c919ebc27ed8f93c30cc2fa4a17a722c4a06437e20ba190c6fd9340ebb6166416538c","first_seen":"2024-08-19T16:11:10.099083Z","last_seen":"2026-04-22T12:22:41.998422Z","times_seen":592,"resource_available":false,"data":null}},"time_used":1055,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1055,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"p16-oec-sg.ibyteimg.com/tos-alisg-i-aphluv4xwc-sg/12e0b5c375bd4824a5b6cd6dbaf76735~tplv-aphluv4xwc-origin-image.image","fqdn":"p16-oec-sg.ibyteimg.com","domain":"ibyteimg.com","tld":"com"},"ip":{"addr":"23.36.77.48","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ibyteimg.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:68:99:F7:11:99:E1:26:F3:58:F7:0B:38:2A:AB:E3:3F:B4:0D:35","sha256":"D3:AF:19:C8:00:FA:B8:E5:1E:07:1A:6F:74:F5:09:8A:4E:E6:B2:B7:A7:F8:D8:4F:93:13:86:CC:93:89:0F:AF"}}},"request":{"raw":"GET /tos-alisg-i-aphluv4xwc-sg/12e0b5c375bd4824a5b6cd6dbaf76735~tplv-aphluv4xwc-origin-image.image HTTP/1.1\r\nHost: p16-oec-sg.ibyteimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3433\r\nimagex-fmt: png2png\r\nlast-modified: Tue, 03 Mar 2026 09:38:15 GMT\r\nnw-session-id: 20260303173815AE103D9B4D163AFE688Cwsxgx13df\r\nnw-session-trace: 2026-03-03T09:38:15.378437269Z 102\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-length: 3433\r\nx-powered-by: ImageX\r\nx-response-date: Tue, 03 Mar 2026 09:38:15 GMT\r\nx-tt-logid: 20260303173815AE103D9B4D163AFE688C\r\nx-request-ip: fdbd:dc51:ff:1:1:245:40:109\r\nx-response-cinfo: fdbd:dc51:ff:1:1:245:40:109\r\nx-response-cache: miss\r\nx-tt-trace-host: 01f1a8113f26bebfb4d0ccaff8ef0a170c75c6672b5b6e76b50c04f254c4556584ed6e8aa80e30e3a9387fbeabb0d9b6dbbff1840421156f22a82b18da0685d0d44cb98773699767784b1d33f2c552745e947fc441c4c19e37e16f4a7eb145255db5bc1d51e888d5fe802dfcdb2b8d0e605d52a521ca89ecfbb8ffdf99efc3ea5e\r\nx-tt-trace-id: 00-260303173815AE103D9B4D163AFE688C-5F315E9CB82A422B-00\r\nserver: TLB\r\ncache-control: max-age=27715833\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\nx-cache: TCP_HIT from a23-36-77-103.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=107\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 4e6c5a3\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3433,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 440 x 440, 8-bit colormap, non-interlaced","md5":"698f72a21509608268eff77c2a950582","sha1":"bc5cd1ef9da74522d6db5cdd7ae0df1dba166ba8","sha256":"5110f20c2f5ec6003f7d1073e529e5a2d3fee741f29368e396a945cd5486614e","sha512":"7f07e92f9d02f1a89857c1da0b6a3c7c6ad71645150152b84090e66cabc15574a65bf744d0fde5b99a828736bf75930a24557590211866a2196a429c55c0956c","ssdeep":"","tlshash":"1b6119a348d1de6cc90da334c8daa84f951e4f0cdb66a60ce951d70025a0b5816f615e","first_seen":"2025-01-28T12:57:32.254402Z","last_seen":"2026-04-22T12:22:42.033738Z","times_seen":583,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":133,"dns":9,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/main.a0906336.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/js/main.a0906336.js HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"13686-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13686,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13686), with no line terminators","md5":"34c65ea5f113504cce2d321b961ecdb9","sha1":"08452295b557781bdb2c040bfd8af380f3d0382e","sha256":"bf5826fc56e122bba36429ed692b35c5ca3502f1946adb91901a7eb86becbab4","sha512":"ce29cfa7520bd62e82f7ae4af90ecf259ecc2df46ff3a2378b1e76ad5b8061d9cb271c0cc70e0d193768aa7d914e7e5e9c533bfd83dd00b1e83a3213bd0ab781","ssdeep":"384:5Llw/fc/7T6EsqjFx7TsvirLWtY8x0r8X2iw+fq3coaQXgpJhA:5LO3c/7TsqBe68x0r8X2iwMq3cJi","tlshash":"76520cb6c04138bf2e8e0a84500e3ebaacad5ecf916d7570955c68ddb144af7bc0dac4","first_seen":"2024-09-28T07:23:58.371454Z","last_seen":"2026-04-22T12:22:42.032815Z","times_seen":578,"resource_available":true,"data":null}},"time_used":1058,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1058,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700\u0026family=Open+Sans:wght@400;500;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Montserrat:wght@400;500;600;700\u0026family=Open+Sans:wght@400;500;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 16 Apr 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25750,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"494f90abcc5754cfe64492439457c172","sha1":"ad998f2bf7ce722c3745460898001b550297af43","sha256":"a77a904ca74c2f7d2743e47ceac24c63c73c66a6b73479ba93dbfd40183a005a","sha512":"d4484c962142c916fed968550f23f3bc49bffda551ca471923f84d556aafaa17e398a9426f50f5c5f9090151b7adc1e987717d4c24ac2bdbfc103fce04c4da7c","ssdeep":"192:YRo7TbOmuwRv7M0OFupRS719Ocu6RB7W+OjunCKKf2XdrqJnbqGIwV4jozYUChhE:4QPTzajdst5qY4tMgqY45f/qY4g","tlshash":"17c20c900017a800ab471cd623ce7f35ee0fa2667044c07a6ffd5aaaeedad25537572d","first_seen":"2025-10-14T13:39:40.913275Z","last_seen":"2026-04-21T20:01:16.358791Z","times_seen":125,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":90,"dns":0,"connect":20,"send":0,"wait":31,"receive":0,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/6faccd0453f640bb869575f3d7ed4aec.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/6faccd0453f640bb869575f3d7ed4aec.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"3348-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"e5618045243b8fbb796589911deeb9dc","sha1":"751680b6488cb9b804721fee0e2492d1af3b05ab","sha256":"a8fef6e8fcbddd163928d82c0e34691964176f185da2dbf303f55d4d04d7a553","sha512":"a045f53472f124741386d773530810e4a6b0f408e87162ecb3b4a0ddb9114d8d234329e914a072968d7f5b74bbb9b0249cdb74fc035612b2015ea464f1a2eba8","ssdeep":"","tlshash":"11615ce30c23c152e9940db61d303988b5fd1ca95015352629152da66e7fe447eeea0f","first_seen":"2024-11-19T07:54:21.363854Z","last_seen":"2026-04-22T12:22:42.000183Z","times_seen":586,"resource_available":false,"data":null}},"time_used":1053,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1053,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/1.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/1.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: lTGR0M43RtYieryITRyRiA==\r\netag: \"953191d0ce3746d6227abc884d1c9188\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 4cd86f5aa61c3b80685aa61c-abd4d69\r\nx-tos-response-time: Tue, 24 Jun 2025 13:20:28 GMT\r\nx-request-ip: fdbd:dc61:c:149::16\r\nx-response-cinfo: fdbd:dc61:c:149::16\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 0104bcd989a6f93b61cfefbaddee76253728fac3957cd20bbb2027caaddf29ceecac748f783f24b36611d982393abd975b5cbeb71ba32ce7a550aca8afde4d1f7644fc66df564f5b923a7a3c2a39302e1c3c9b7436319e3b80dc7771ab03a9cf67a0d688b2e782b72acadb6023e317bfde\r\nx-tt-trace-id: 00-250625033821309389A8D8FDAAC9A642-29E5B5CF4D31B2D7-00\r\nserver: TLB\r\nx-tt-logid: 20250625033821309389A8D8FDAAC9A642\r\nx-origin-response-time: 22,23.60.159.151\r\nx-akamai-request-id: 4af7e7b.117e5ed7\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-range: bytes 0-344042/344043\r\ncontent-length: 344043\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-110.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=1\r\nx-parent-response-time: 3,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":344043,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"953191d0ce3746d6227abc884d1c9188","sha1":"4d815bdd8ae1c8f366ea18b3712dc3f815c3c566","sha256":"8d14f425615fd88d6c58df03c6ec521ad18d3ad4c845f931ae3eecbcab4b8c4e","sha512":"fbc4b3461abee4ba3948ff432cecfa60b3894d68f1c682bde85a64cfa42a777ffd924652f2eaa6503d402136f18e662ac583abc49728e75ed1160340e8f1bed1","ssdeep":"6144:lJQid6qp2NOJTkHI4Q3FSW6za9X1hSAxFWHe96IMnZCaTuQYwFrfkDrry:lr5229jead1LxFWHtTuFw9Mvry","tlshash":"84741263e3c7593afeb4ae7640d080968d49009802fe4bcb7c8d9d164fd4ba91f64de9","first_seen":"2025-01-28T12:57:32.24802Z","last_seen":"2026-04-22T12:22:42.03491Z","times_seen":560,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":30,"dns":0,"connect":0,"send":0,"wait":9,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:43.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gzsycfz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 11 Apr 2026 02:00:50 GMT\r\nexpires: Sun, 11 Apr 2027 02:00:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 478013\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-04-23T15:15:28.661943Z","times_seen":345984,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":131,"dns":1,"connect":20,"send":0,"wait":9,"receive":7,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/mp4/TKMALL_ZIP.mp4","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:45.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/mp4/TKMALL_ZIP.mp4 HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=16678912-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:45 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 69943\r\netag: W/\"16748855-1749268218000\"\r\nlast-modified: Sat, 07 Jun 2025 03:50:18 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 16678912-16748854/16748855\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69943,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"4c21ad4bc599e3158818429abaf502de","sha1":"7f3e01f591b10cfb2b777cf4fccb80b7fc5b37dd","sha256":"6dcfb4038fc88528d285a286c9433ede75e30f51cad3788bb09ba560eec330f7","sha512":"5b695d6d3afffaf6ab8dc7f9c6f14f9fbea9759f96123ee8ed9a29e2c64c12787baa961f737ff02862aa67a2d2c26da8af57689bb7acce6ae18f910f32117705","ssdeep":"1536:3KuntZPiYJAqdCTDIq7VMSVGBwYuA17sNYJ9bc3:3NtEeaUyV+BTWNYJK3","tlshash":"6e63566c73af664be9262b34b9d243483b31d89ecb8b078f025643d7ad453d528cd6d8","first_seen":"2025-01-28T12:57:32.328008Z","last_seen":"2026-04-22T12:22:42.015162Z","times_seen":509,"resource_available":false,"data":null}},"time_used":2077,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1448,"receive":629,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/Banner/placeholder.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/Banner/placeholder.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 542833\r\naccept-ranges: bytes\r\ncontent-md5: VHW+LO0S7pyvGVDRJKpEUQ==\r\netag: \"5475be2ced12ee9caf1950d124aa4451\"\r\nlast-modified: Tue, 27 May 2025 06:41:37 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: b0155f49ca791ed76849ca79-a364697\r\nx-tos-response-time: Wed, 11 Jun 2025 18:27:05 GMT\r\nx-request-ip: fdbd:dc61:a:53::42\r\nx-response-cinfo: fdbd:dc61:a:53::42\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01c4ec7fbc0b9f41cfb847c95fc8dbbe67052435415a0f09013cf9da976a030a3199d2f2ef77675e4ce2a1789670c6833eabbb347f0bfeb367c83614b921dc3d2bfad27951d00de97cafea264648743100a2d0700cbd317866fa48537b2b72017b20bf6fc93d369a40c5e2edc5978fe51ea1efa36c4d11af9dd40e7b174d4bf7f4\r\nx-tt-trace-id: 00-25061204181008B839C717AFFBDF4EA0-53770562F0A11731-00\r\nserver: TLB\r\nx-tt-logid: 2025061204181008B839C717AFFBDF4EA0\r\nx-akamai-request-id: 154c9ca.117e5ee4\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-68.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=2\r\nx-parent-response-time: 3,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":542833,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1125 x 2004, 8-bit colormap, non-interlaced","md5":"5475be2ced12ee9caf1950d124aa4451","sha1":"ff32f262c7234de0cc215b39524b3def7dcec9bb","sha256":"5e751a93469021b2873cadfc59404378bae57a81fddc4ecb1234939292fd12ed","sha512":"3989a2a6d0e67674ea802d4fd5600831cfa7714bbdb0117a3dbc343101104daaa4a3c97972951827f27a21b8add741af11e6f35d08314072b497c993a9653878","ssdeep":"12288:Y456Edfo2e3kKm/LV5pueHXD/9GKNhHVGaS+yl6M:Y4kYfTe3kKcV5cAXDZOhrx","tlshash":"c1b423621980ceb0a863f57cf69ec8e2f8ac790f241fdb0971b27606bcc45d67697641","first_seen":"2025-01-28T12:57:32.244558Z","last_seen":"2026-04-22T12:22:42.016349Z","times_seen":503,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":147,"dns":0,"connect":0,"send":0,"wait":52,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/mp4/middle1.mp4","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/mp4/middle1.mp4 HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 874835\r\netag: W/\"874835-1749268242000\"\r\nlast-modified: Sat, 07 Jun 2025 03:50:42 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-874834/874835\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":874835,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"63f2aebfc6f4517ad435265dd79b4b96","sha1":"3b73daf67ed25d09906751b89ee1ccd7e82c2fac","sha256":"097ad3de9287bd12b9784bf853e8a5dd3044131a0787963e25a5708680764bf6","sha512":"e35d2ab4068a2c16a2350dd8aad9e36c205e971b67438bdb232f4018669311bb8369ea23b8f0c56f720d6df672ccf3a72481de068a80597386222a81a79c227b","ssdeep":"12288:dFpmeRihpggIu+zcw1BlBVEB+uwxLDs2GReQAyVxyx4ICKzJtfg63jvCAEGlcY5g:pxR2pggmzcIGB+LLDK09Oxyx4K7ZzaGi","tlshash":"1e15335113cd2fdef71f11ba5a1af6a3e562832c9e7ac398cb17548bec14a709c048e4","first_seen":"2025-01-28T12:57:32.326427Z","last_seen":"2026-04-22T12:22:42.026136Z","times_seen":463,"resource_available":false,"data":null}},"time_used":8028,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":946,"receive":7082,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-lodash.bf84b211.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/js/lib-lodash.bf84b211.js HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"95095-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95095,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65459)","md5":"6be4803af01cf9e16ddf93fb04a1db72","sha1":"0487ddef043cdb2e15e9bf5c599134f35a166ce1","sha256":"853623d58dedcd9a5e536bef349e9ff83dded42d4b1dd2fbab7fe601bb28626e","sha512":"ca190dab6ce3f636419cb5d23cb65d4948126e212756d9f05e6dd2702b09689488b5059277b32ff31d7b1497205804278f77f2f996c4608544322aa3686f71a6","ssdeep":"1536:52fmxNB/M6lzihdLUVnCsmdaKWsq5l1frkn9c/pn4QJn9pyHX:vPadIVlKWHDeCpL9pM","tlshash":"f09393c9bad3f05943a77860402f040bf23e6e54a88e9594d262e4dcbcbc55ee177f1a","first_seen":"2024-09-28T07:23:58.446746Z","last_seen":"2026-04-22T12:22:42.04977Z","times_seen":584,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/liveHolder.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/liveHolder.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 219736\r\naccept-ranges: bytes\r\ncontent-md5: aFOxPncKLdEWqCLCJ6fDuw==\r\netag: \"6853b13e770a2dd116a822c227a7c3bb\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: a1187f3a1f2cef02683a1f2c-abf38c5\r\nx-tos-response-time: Fri, 30 May 2025 21:12:12 GMT\r\nx-request-ip: fdbd:dc61:10:253::21\r\nx-response-cinfo: fdbd:dc61:10:253::21\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01dff37b3e340e71996c157643bb6bf7a179ed39413394888ed760d098bfb84bbeef1e2ab64c2a644de0602f40e01902720854da5c330a43b05c57adee85304abc52e888c9ff77080aab75d20e9dd14c73a9be76a91174dd413ac4d880b9738f76dfe3202ee6c85da21162d662c81094be\r\nx-tt-trace-id: 00-250531023441CE2AE30A67E4FDA58594-523D34AA9794281B-00\r\nserver: TLB\r\nx-tt-logid: 20250531023441CE2AE30A67E4FDA58594\r\nx-akamai-request-id: 1f258c5.117e5eef\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-52.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=2\r\nx-parent-response-time: 4,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":219736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 565 x 999, 8-bit colormap, non-interlaced","md5":"6853b13e770a2dd116a822c227a7c3bb","sha1":"a9d56bb607687e8649f3b35cea83420f191bf809","sha256":"97a8f62035393e92e48c8a2fb0c5e2891cdef960c530f07521c7f9ba2692d328","sha512":"09fe5a048dc9b3bc7c51af2cd30b62a3227871cc93d5e80352b6a6241ca3c89ecc975c0875aa7c5e5db299092d828b54c0acd22799c1cdb0676520e122870b56","ssdeep":"3072:2Z6Q9AkPO76gJiKAmgPaTsWfoAOQNkDel6BP4i1sqKMwcwYJAoBgBnWN3vVCAxEi:fQPGbPgPaTtxN8OesqaYeBWNN/Ocf","tlshash":"e924226688cb9ef9e57356f3944eb63de53f0f2710a5d170a6820091ced3b19ba6074c","first_seen":"2025-01-28T12:57:32.246085Z","last_seen":"2026-04-22T12:22:42.006116Z","times_seen":575,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":185,"dns":0,"connect":0,"send":0,"wait":24,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/7ee7c29f6d524e03ac48cc32eed4b912.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/7ee7c29f6d524e03ac48cc32eed4b912.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 371\r\netag: W/\"371-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":371,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 4-bit colormap, non-interlaced","md5":"1ab6d013a3f43915b8ea2fbd0b74dbe7","sha1":"df52c03c337bbd74a2b976575a693eed41b0e117","sha256":"851cf8b809ff8f67253ac16dc1eb9c74d07055716963188f26a66a6af385d370","sha512":"105ff7044b320e6d00bf9a3fc83342a7bd22ec025939807de8671d1acad7a94f850a8d4f3bb8a484a62b982b978628fbb090570c33e0e61033aa9b215d9ff456","ssdeep":"","tlshash":"b5e0c0e3afa35dacda676abb412cdd9881931828511a1d07c44b22727b3214d73a5f47","first_seen":"2025-01-28T12:57:32.304252Z","last_seen":"2026-04-22T12:22:42.037252Z","times_seen":560,"resource_available":false,"data":null}},"time_used":8548,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1049,"receive":7499,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"p16-oec-sg.ibyteimg.com/tos-alisg-i-aphluv4xwc-sg/876feebbbebd4e1290264d966eac158e~tplv-aphluv4xwc-origin-image.image","fqdn":"p16-oec-sg.ibyteimg.com","domain":"ibyteimg.com","tld":"com"},"ip":{"addr":"23.36.77.48","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ibyteimg.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:68:99:F7:11:99:E1:26:F3:58:F7:0B:38:2A:AB:E3:3F:B4:0D:35","sha256":"D3:AF:19:C8:00:FA:B8:E5:1E:07:1A:6F:74:F5:09:8A:4E:E6:B2:B7:A7:F8:D8:4F:93:13:86:CC:93:89:0F:AF"}}},"request":{"raw":"GET /tos-alisg-i-aphluv4xwc-sg/876feebbbebd4e1290264d966eac158e~tplv-aphluv4xwc-origin-image.image HTTP/1.1\r\nHost: p16-oec-sg.ibyteimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 4171\r\nimagex-fmt: png2png\r\nlast-modified: Mon, 23 Feb 2026 23:14:05 GMT\r\nnw-session-id: 20260224071405AED9CE7C7A8AFEBE03F1f294c13df\r\nnw-session-trace: 2026-02-23T23:14:05.388124814Z 68\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-length: 4171\r\nx-powered-by: ImageX\r\nx-response-date: Mon, 23 Feb 2026 23:14:05 GMT\r\nx-tt-logid: 20260224071405AED9CE7C7A8AFEBE03F1\r\nx-request-ip: fdbd:dc53:21:922::36\r\nx-response-cinfo: fdbd:dc53:21:922::36\r\nx-response-cache: miss\r\nx-tt-trace-host: 01c776dc5de09d55ed1666c3f627f9d56d745dafd545060901bc905cdeacb1b2d82cc4a99d53e1284a469a3b0dbf01cab25715f6cdbc267e1fd9f07fcdbf0e3b9168d5c1e9ed7f9fc43fb14d50810ca9663afeb7e98b07b659920be4ec8c670ef9f62130e0cc22404357c611263ebef1fe\r\nx-tt-trace-id: 00-260224071405AED9CE7C7A8AFEBE03F1-2CF5171BE26A7CB5-00\r\nserver: TLB\r\nx-parent-response-time: 839,23.205.82.5\r\ncache-control: max-age=29369172\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\nx-cache: TCP_HIT from a23-36-77-103.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=71\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 4e6c5a2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4171,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 440 x 440, 8-bit colormap, non-interlaced","md5":"abe0088d07fc512411dba1d0bf7e2ee5","sha1":"5872102d04cc79112f0675bd5408fc617c5a69df","sha256":"a357c0909db08ce5e90199620704c113ec5d2ad2907d9dafe54753736694558f","sha512":"b7e753c422c99cfe765e2cac85976539e94d52cff60239be3c2eeb33dafafd7ca547a63bd6e3fc3b1b58ae72d96a083498e6af285e04b39fed944b39c8ba5178","ssdeep":"96:a5TZxwxQ+AY1DDKnLVbyqyUHAM54CusQsen+ce/8w9YLTyie2ZePS6ZB:a5dxw3ObIUBKSenjeEw9UyTxL","tlshash":"c781a0b3414a9711fe31bb7d2276089ea1e0d774e8067a47b0a0d51f39efc146800911","first_seen":"2025-01-28T12:57:32.261729Z","last_seen":"2026-04-22T12:22:42.028956Z","times_seen":575,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":133,"dns":9,"connect":3,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-router.706221fa.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/js/lib-router.706221fa.js HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"54278-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54278,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (54201)","md5":"33e7cf1528a483f0c3d9da77a9935747","sha1":"162b9616fa767dd4ec7b64c157e859099782a87f","sha256":"7ee5d4c6a5b6b9013b91f3a7b74dfde9c03b70859bc5e64506984bc75276e990","sha512":"bc7d36a6232b763e6d808690bc07b3a4c9e87caa203a191675e996d560c355575b98b175cfdeea606c9f232c7573680bef1793e6c44c19f33b63d13710ff3103","ssdeep":"768:OK3cu7mmtBYfQoN0C3N3X6gL58s97iG3hfQKfg7g:XcuPC0CNqgL5CKoM","tlshash":"a733f9fab641b0665bfb03e6c0bb0125e3796dda206a4415b298ec4e3074d4da377f39","first_seen":"2024-09-28T07:23:58.450437Z","last_seen":"2026-04-22T12:22:42.044122Z","times_seen":581,"resource_available":true,"data":null}},"time_used":1059,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1059,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/370cd42a67c3424c85fc5395158eec06.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/370cd42a67c3424c85fc5395158eec06.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"4211-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4211,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"d4f8979b3d4018df19969be9034516f9","sha1":"cd6ed110c7796e771450e27e820b11f7940d9db6","sha256":"636491d3bb271b7114c8cc3a8b05577949318e025acbd978f644fa1dd449cc76","sha512":"5eb075dab8c90cf6592176262d7e57350575022e4a30301766231aa51bc316b768d7a8dce2098b3012f75e27196978d849ab72eca032641e8a5eda5432b778be","ssdeep":"96:ZEHnswxASzLSucX8QAu1V3H80aqpuT3ktzXPFmEtvaXyHcSxBEchT:ZQn3WSMyu1Vs0bUIXtpIdSxBEQT","tlshash":"bf915dd3d557f081e311e27e0d3410e85519a6edc731a448eee7ec1e7a2ba99426d170","first_seen":"2024-08-19T16:11:10.099878Z","last_seen":"2026-04-22T12:22:42.039333Z","times_seen":592,"resource_available":false,"data":null}},"time_used":1056,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1056,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/StoreHolder.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/StoreHolder.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 102773\r\naccept-ranges: bytes\r\ncontent-md5: I4MjopdhVv/6tvrEVI3PeQ==\r\netag: \"238323a2976156fffab6fac4548dcf79\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_MISS,TCP_MISS\r\nx-tos-request-id: 54588e9181b95eff699181b9-ae92c84\r\nx-tos-response-time: Sun, 15 Feb 2026 08:20:09 GMT\r\nx-request-ip: fdbd:dc61:a:286::74\r\nx-response-cinfo: fdbd:dc61:a:286::74\r\nx-response-cache: miss\r\nx-tt-trace-host: 014ba87ed56d61a21e5caa6e626ed72965a04ac02a39a043c332806516977cd8ceabd3ac21ec4eb3a566a036e753df8b9c1b45a2e79137a2f696ba84a6f17522aa04e843968b050ee1825ccec08f187f14a0c9069163644290653500cd19a7e3067a978d2ec194b68eecf2cecea3d31e05\r\nx-tt-trace-id: 00-26021516200943707668EB1E862BE382-5621917A3D61918D-00\r\nserver: TLB\r\nx-tt-logid: 2026021516200943707668EB1E862BE382\r\nx-akamai-request-id: 3009d50.117e5ef3\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-46.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=234\r\nx-parent-response-time: 17,184.27.176.48, 3,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102773,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 565 x 999, 8-bit colormap, non-interlaced","md5":"238323a2976156fffab6fac4548dcf79","sha1":"665f5fd40ba423b018fb111f043f400854547e57","sha256":"d10436c67c7206ef5e2db1dfddeb770e74cd2a722e6be5eced08d5ad0a18627b","sha512":"133a1892e6290f6c5b8674267abdfab8a85dd450c8c789c76fc3a066b84a063945d76468afc8016605c4a34658b3c2c47787213bc0cc15fd4983cb8606fc9c1e","ssdeep":"3072:HJoNQIYvYo5CbDG+tEmgGUs9m3fx9XTjZL:HJcpeYo5CG+6mgGUvfx1N","tlshash":"8ea312add503c87284f616e5dede1df6e87487ae0ca50178ce652909cf05bafd122a0c","first_seen":"2025-01-28T12:57:32.241453Z","last_seen":"2026-04-22T12:22:42.006709Z","times_seen":575,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":216,"dns":0,"connect":0,"send":0,"wait":6,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p16-oec-sg.ibyteimg.com/tos-alisg-i-aphluv4xwc-sg/e89eefbaf7c0405197425abe8202fdd1~tplv-aphluv4xwc-origin-image.image","fqdn":"p16-oec-sg.ibyteimg.com","domain":"ibyteimg.com","tld":"com"},"ip":{"addr":"23.36.77.48","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ibyteimg.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:68:99:F7:11:99:E1:26:F3:58:F7:0B:38:2A:AB:E3:3F:B4:0D:35","sha256":"D3:AF:19:C8:00:FA:B8:E5:1E:07:1A:6F:74:F5:09:8A:4E:E6:B2:B7:A7:F8:D8:4F:93:13:86:CC:93:89:0F:AF"}}},"request":{"raw":"GET /tos-alisg-i-aphluv4xwc-sg/e89eefbaf7c0405197425abe8202fdd1~tplv-aphluv4xwc-origin-image.image HTTP/1.1\r\nHost: p16-oec-sg.ibyteimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 6245\r\nimagex-fmt: png2png\r\nlast-modified: Fri, 20 Feb 2026 22:00:28 GMT\r\nnw-session-id: 2026022106002860F68DE153A4E87D7973z49gh13df\r\nnw-session-trace: 2026-02-20T22:00:28.622731886Z 113\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-length: 6245\r\nx-powered-by: ImageX\r\nx-response-date: Fri, 20 Feb 2026 22:00:28 GMT\r\nx-tt-logid: 2026022106002860F68DE153A4E87D7973\r\nx-request-ip: fdbd:dc53:24:403::34\r\nx-response-cinfo: fdbd:dc53:24:403::34\r\nx-response-cache: miss\r\nx-tt-trace-host: 01bf1c151f52191ec2b083bd14043fbc4397c69ba1462b05e8b1a646830369195423b106a6daf982f0aa9882ff9ac87bcfa653af174a9d5402579919bacb07e9df47d885e8a17bea36389edc38fb4cffc2faeadb67e1291e688c447c91d72aaecef05a46605ea1eaadb0a8f309595257cb\r\nx-tt-trace-id: 00-26022106002860F68DE153A4E87D7973-7924CB8CD461C5E9-00\r\nserver: TLB\r\ncache-control: max-age=29369172\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\nx-cache: TCP_HIT from a23-36-77-103.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=117\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 4e6c5b7\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6245,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 440 x 440, 8-bit colormap, non-interlaced","md5":"166e5dbcf4fd1b0973a11e2dd55658d8","sha1":"322e4c155a803cbb3e3d5edfef36d9624f120ef8","sha256":"d80e8ca6a1419dc51e12e27cf58bbdec04aa6a687c773f50d1c4d0f9c8d6c71f","sha512":"bfd15afad02dd3fc5fbce14d90f486fec074518423d829cc1b07ceaa134e617262ef46bf3e1bc85c064d6b85be0a521228e6fea9ef431a52e5adc3195a9c99ff","ssdeep":"192:m1L8ISdQ/0UxBShe/e7VOIoJdW0+PCwKvmjMPCZ:m1HDV/eBO7JIPCwKqx","tlshash":"f4d19eefc7730af8d352997fc75e72a8551f692416ca231a60c6dd543e0ae1d8204e29","first_seen":"2025-01-28T12:57:32.267502Z","last_seen":"2026-04-22T12:22:42.014609Z","times_seen":583,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":170,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/LIVE_Shopping.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/LIVE_Shopping.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: V3Gmdrs/dOcI4l6hFKwuUw==\r\netag: \"5771a676bb3f74e708e25ea114ac2e53\"\r\nlast-modified: Tue, 27 May 2025 06:41:37 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: aedd4a36593a36736836593a-abf41d0\r\nx-tos-response-time: Wed, 28 May 2025 00:30:50 GMT\r\nx-request-ip: fdbd:dc61:c:45::19\r\nx-response-cinfo: fdbd:dc61:c:45::19\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 018dda52d84c0db7edfa2dc2e7c7cc9dd5b62d0d88a668820b531f485800c8f85a75079bea18d5752659afe2f03fcbdcd83fc76b054c79c96f23b61c80385912df06f4f7d08d05f7555c7aa5d0afea797bca758ee3520895532afdd62b685123e86bc0bcb967d27991c6b153b53f6f227f\r\nx-tt-trace-id: 00-250528075912F9C164F83FEE251D9F62-3FE19226B1CD04B7-00\r\nserver: TLB\r\nx-tt-logid: 20250528075912F9C164F83FEE251D9F62\r\nx-akamai-request-id: 132df5a.117e5eda\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-range: bytes 0-873047/873048\r\ncontent-length: 873048\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-127.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=1\r\nx-parent-response-time: 4,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":873048,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"5771a676bb3f74e708e25ea114ac2e53","sha1":"e702e99eb079a4376b2919bad8a2351fb2bdb7bf","sha256":"2a7d7561479f5bcf35eb657be79e20464c1852ec40fa411edc280e4e71cbd2be","sha512":"137f05a0f5331cfc955a543b76965e025746f29976ff23eeec3825538cacdeab4af746acccc9ed4bcd353ba51a6c60ac8269bacf80c38a0d258245ad900e1329","ssdeep":"12288:qChmB2caCHktyXVAmChWJcbx/+RpEjotDgmpjbSQngpFyiDtCFN6Pfvq8mq/aDMW:K2clHkOVAxfx/+Runmp9ngpFygYFWaYw","tlshash":"bc05336721c73356c808913f3347016bfe71ee9ba12f83fb1a566ac88d631ec6895476","first_seen":"2025-01-28T12:57:32.263448Z","last_seen":"2026-04-22T12:22:42.04903Z","times_seen":566,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":66,"receive":204,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/83.97401b30.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/js/83.97401b30.js HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"530518-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":530518,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65467)","md5":"9645b1f5ab1bf07083a13d39627de505","sha1":"74262c4077855e038042a7b30a61515811f247dd","sha256":"b442a68ba589101ee961131f60e5ff500213799774f9b510e892726a7c83ccea","sha512":"c6d68587d9ea87d2a2cb51eb0d7a1ee26c13ad30a6d35df9a05ef5ec1e33efdc088e6c4ca362f9084e099841b35d15492011a137134551fb9fe877d4960fcdc9","ssdeep":"6144:DRHbIYnZo0nf6lg9bPmEOuOcxOkuKoE+oZS:D1UY60Ci9bPpOWTYEtg","tlshash":"86b43acdb299702503e364b9903f110ab33a2a58744dc028f575e9e56cb994ea33bf7c","first_seen":"2025-01-28T12:57:32.280556Z","last_seen":"2026-04-22T12:22:42.025156Z","times_seen":537,"resource_available":true,"data":null}},"time_used":1059,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1059,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:43.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gzsycfz.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 11 Apr 2026 02:00:50 GMT\r\nexpires: Sun, 11 Apr 2027 02:00:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 478013\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-04-23T15:15:28.661943Z","times_seen":345984,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":128,"dns":1,"connect":21,"send":0,"wait":18,"receive":2,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-react.235b4836.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/js/lib-react.235b4836.js HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"140018-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":140018,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65460)","md5":"6c194b12793a2436efb1f3ce1c674b69","sha1":"2bc65388297613de6cc4622a771e5e001f2d95bc","sha256":"181d18351e54581117e789445bcaa5d7477257c510189767d4d3e04c56bed549","sha512":"da45dc947f923d79a04277c08f915f575fe3a573a8dd4a1c92caf693c74110db65ca697c9af4722412691ed7659732ca9d34fcf2771d378cc2391a7dfe507ca4","ssdeep":"1536:Wv4kq5k79fohxQlV0vMYbAJnfMhnia9Toy7U6SLdl8eIUZQeY:WVX0OnEboy7U6S72eY","tlshash":"79d306e83996f5516ab7126700ef1807733c1a1b280c89a0a615fd8e75f842eb17bfdd","first_seen":"2024-09-28T07:23:58.462117Z","last_seen":"2026-04-22T12:22:42.005536Z","times_seen":582,"resource_available":true,"data":null}},"time_used":1060,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1060,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/f9de5c284df74f4e82273530670802fd.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/f9de5c284df74f4e82273530670802fd.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"3695-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3695,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"33e2a0f08c8953e1b848c1cce59a97cd","sha1":"d74aee59026b7f8fa4da441ca2ddcf9cb478f4d2","sha256":"e2cb4cd6376a8df609b1ef54e0305548bac38b0b432c2bf6da1177024bffa906","sha512":"ba09dadcb25209aabcbc67b07e3a742b287e335d475eefd63a4972a132941ab108109b31a2edebb9b2a64fa0141ace99ad5f204b3befcc4d7bbce48df9d794e3","ssdeep":"","tlshash":"c7716cc4b26bb2cfe8009b3bd1db8420444776b519251d88f4a4873b58fcfd99a65297","first_seen":"2024-11-19T07:54:21.356719Z","last_seen":"2026-04-22T12:22:41.999057Z","times_seen":554,"resource_available":false,"data":null}},"time_used":1054,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1054,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/bebdcec3159f43b7ab2f4d3f309ec517.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/bebdcec3159f43b7ab2f4d3f309ec517.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 946\r\netag: W/\"946-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":946,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 4-bit colormap, non-interlaced","md5":"9b5a17c67cbc1549d6bdf73e2bdaa365","sha1":"ffa95311b78f38654ad36c9e8a3f9a4509b8a9f8","sha256":"f59595016494e5ae8575a4cb710acb88f000355de381a1d7b0df5a3449c041bb","sha512":"42b55b8293c33a9c4126f470ada83ec6fc4a61e8d8bba8e633559e82513f6b893c0da7cfb492745ca204b74325a97cfa8016fa49a116c4a4b7b643ed1a652573","ssdeep":"","tlshash":"c31194b77c002e645f5e6abac049907cd41871a97ec652168227d42276b4b809542b2a","first_seen":"2025-01-28T12:57:32.302913Z","last_seen":"2026-04-22T12:22:42.007309Z","times_seen":560,"resource_available":false,"data":null}},"time_used":8529,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1030,"receive":7499,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/mp4/TKMALL_ZIP.mp4","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/mp4/TKMALL_ZIP.mp4 HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 16748855\r\netag: W/\"16748855-1749268218000\"\r\nlast-modified: Sat, 07 Jun 2025 03:50:18 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-16748854/16748855\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54396,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"ade5f3cafdde735e1007ad2e527a697e","sha1":"6497e0177dc7e3e02edbffa01c5787a0bb79bd3b","sha256":"fce1611edf3df26e7e28f94b3bc862572f59405825c2a225a13cfa88b6da7b24","sha512":"80401bed69afc1a9d58e0ec476deb20fb5d11f8a95871481c121a8bda8e13a06df68f36700e5c93ea96b85d2a52f7f13fe613e57f45b8c571b3a800ad82d0be0","ssdeep":"1536:OCOHSH2WSYnocTj7/Mjncm06MCKa1s0xHfJ9aIOg+KcgD/g:KHZWVnooy06f7HBs/Ccx","tlshash":"4e330256eec82b4cfd3003b5a312a875b5c9f10fa5f90fdf1a290e4c451da9259b9f21","first_seen":"2026-04-16T14:48:17.523394Z","last_seen":"2026-04-16T14:48:17.523394Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3020,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":945,"receive":2075,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/shoptab.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/shoptab.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: tZEIsBAj1beG6z5aizUw8Q==\r\netag: \"b59108b01023d5b786eb3e5a8b3530f1\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 6f15525f5516a297685f5516-a364698\r\nx-tos-response-time: Sat, 28 Jun 2025 02:36:06 GMT\r\nx-request-ip: fdbd:dc61:5:314::210\r\nx-response-cinfo: fdbd:dc61:5:314::210\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01e21d16cfc1b32daad76cc2f7d92e5e6c8170291f0962fdd0be2b329555307ab1b95e574df352bdcbc1e43aae1d52026d523757ba33d0aecc9ab59e18da6ff116de52440c27c68a76b24aafb42961ce12a69a1a8752cd0758374a061177b781c74be10fadfcf71c65beb74e5515fef76f8647d71e43819a99351d2926be0a661c\r\nx-tt-trace-id: 00-250628234123A84FD1321ED7C675975F-0246E34A74C7E67C-00\r\nserver: TLB\r\nx-tt-logid: 20250628234123A84FD1321ED7C675975F\r\nx-akamai-request-id: 43ccf3.117e5ed6\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-range: bytes 0-1104895/1104896\r\ncontent-length: 1104896\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-70.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, inner; dur=2\r\nx-parent-response-time: 37,184.27.176.31, 4,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":1104896,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"2acdd6b1d469e23e5633e558ab29e2d3","sha1":"352929ffe5f32eb0aa9d071032d457b40fc2b8d2","sha256":"c16175227ab495ac2272bc2472e1d470fca3935983c5908abe5dd6113a7c030f","sha512":"0466f354e4ac9656b8c0f5aa887a8cec2c0c2c434b252e722f30ca4aaa980e429a6d260ad814ddbe1e08da18eb7add194cb31ca85b16c0ae946a76581fd68a86","ssdeep":"24576:+tFerzd/+CBXQnQMwa1Qpno2PG7JarFJs1+ltwqK7:+tF+d/+NnQMwa1Q68GVoFJsIltq","tlshash":"bd25334887ce7497ffb542f0235a5fa4962bdc44249c13f3065b807e27ab62524f4abd","first_seen":"2025-07-26T16:59:32.404364Z","last_seen":"2026-04-22T12:22:42.018061Z","times_seen":365,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":12,"receive":196,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Shoppable_video.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:43.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Shoppable_video.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=786432-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: /HGrKb5Yc5aqaisvFTjb4g==\r\netag: \"fc71ab29be587396aa6a2b2f1538dbe2\"\r\nlast-modified: Tue, 27 May 2025 06:41:37 GMT\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-tos-request-id: 9a56fd3be79496a9683be794-abf3845\r\nx-tos-response-time: Sun, 01 Jun 2025 05:39:32 GMT\r\nx-request-ip: fdbd:dc61:10:287::142\r\nx-response-cinfo: fdbd:dc61:10:287::142\r\nx-response-cache: miss\r\nx-tt-trace-host: 019f4d56ef8772b527ff2e740eaf2429fd311f3b6b905bf43de616f45ce190e8e336fb8eb813e8b57e110836ea7ff8434f7f9161efdc0cbbba1812c713af4351da07c1157a65d432a3fdc3c966d4e4b3b492f7b5c6ffa4f527e63ee9909714ac03eb95e95cfe4ff77b3f6ec02b642f4e461d06379b219ddea0434864d294bc9e91\r\nx-tt-trace-id: 00-250601053931AD7E83F871D25BD3AC6E-6E570EA19DA2D1A1-00\r\nserver: TLB\r\nx-tt-logid: 20250601053931AD7E83F871D25BD3AC6E\r\nx-parent-response-time: 9,184.27.176.38\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:43 GMT\r\ndate: Thu, 16 Apr 2026 14:47:43 GMT\r\ncontent-range: bytes 786432-821478/821479\r\ncontent-length: 35047\r\nx-cache: TCP_HIT from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=108\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 117e5f2d\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":35047,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"a7549e06625d65b0a7bfedd880c393c1","sha1":"20937232f8aeebcead8bfacc31fc43069cdce059","sha256":"243a4d851d2b29855f35f5de19aff6858d2fe502990ca312b247b55387213eb6","sha512":"e539891a288c60c63df48084b604763d9fb4b93ee64eba274921f0a9a7dea61aef0841e42bf981107bb1576beea9906a0f467c65377ffd6202dbb84cc0848b48","ssdeep":"768:lZkdVz/dEVeAsekeFE4XAkUh4nRTc9t9sXEgaSN+R/57wCOnUa+0Swu+tYqz/uc3:l+dVzdEVeAsekeFHXzUh4nRI5sXh5N+a","tlshash":"41f29d8867c32c8bc6266a3120d207493b75cd99e7cf5787835393ce5e5a2613ead2d8","first_seen":"2025-06-01T11:33:46.974178Z","last_seen":"2026-04-16T14:48:17.527448Z","times_seen":19,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/image/4d5d4b724db84f0cb906c728ab7ea3c0.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:43.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/image/4d5d4b724db84f0cb906c728ab7ea3c0.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:43 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"478429-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":478429,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 960 x 1196, 8-bit colormap, non-interlaced","md5":"30aa97c1e36015f017016ff4a8c7989f","sha1":"7cbbdba28cefc8133a3c347415ce34da09518603","sha256":"4bd5eae5a0c343511df6ad86d927aee4b897560d5a9cbcd89e57391dfeaab90a","sha512":"e98994d3afe11679f9e0a64a533cb81551cf126a6757613f33d555ebf7f15f28a7a9d9ee8afa983c243654e62a7b863fbef77f1266d328ca3a00226f6fe558d1","ssdeep":"6144:nzK9Xy0nuh3I6UTx2xp5AW2jD1Kj550Nl2pVQDgxUtycl9myAoN0ZN7abt+BzZxb:nWR3uXUYGDM95KlQQDGKyw9mugV0GF","tlshash":"82a4237887346fcd111591ebeaa85d862d5a8f15ba0d9ae300e7fdda530814b31eec33","first_seen":"2025-01-28T12:57:32.35738Z","last_seen":"2026-04-22T12:22:42.019091Z","times_seen":536,"resource_available":false,"data":null}},"time_used":1637,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1637,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/matashop2.svg","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:47.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /matashop2.svg HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:47 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 729\r\netag: W/\"729-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":729,"size_decoded":0,"mime_type":"image/svg+xml","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (621), with no line terminators","md5":"76c0096f13687d36a142bebb97727524","sha1":"bd2fe6f237b7590b3be85fb6089ba1f60ce1e715","sha256":"a83030462625ba852414a5793068341f044aa5778781043d31eeb80e3f1fc342","sha512":"207e38a48b7d6b651588d6d4cfef90b38faf369bf2b7a8431793ac059cb9357269687851298846b90d634160d595860b2fa412c597d15895bbf6f4f8cdfea771","ssdeep":"","tlshash":"a6011079d00a4646be7948fb62912fe43109d883c6f20f25b8549de8f8ca8613b31a4d","first_seen":"2025-06-28T11:01:09.97987Z","last_seen":"2026-04-21T20:01:16.390127Z","times_seen":117,"resource_available":false,"data":null}},"time_used":1226,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1018,"receive":208,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-polyfill.144bde91.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/js/lib-polyfill.144bde91.js HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"247143-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":247143,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4d409a82f1fd1ccdb4146719442dc76f","sha1":"513830bb776dc7f35be3c4259dabcac2b5c3aab8","sha256":"c5425790d0cba801d53c4e17a27acb6897f5b3908397ef6f803140dfb408b003","sha512":"806134eebc7ff56dfaf3e8d0ba7089aba86c57599e490edcb5b87221b7598aa2a35587a5b12443b2ed14acd0c66d9ba8c6e0ab1c787a984e9e8ab49a02774e78","ssdeep":"3072:la0q8CJLo4Mhy7a2O+MqOTkhMaJt+iFjvGW:m8YwhycmjjvGW","tlshash":"dd34b988b292f0e64bf264d4407f8407f1771a64a44da851ffa1d884687bd4fb07babd","first_seen":"2024-09-28T07:23:58.455437Z","last_seen":"2026-04-22T12:22:42.047506Z","times_seen":581,"resource_available":true,"data":null}},"time_used":1060,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1060,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/2.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/2.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: erv9UDZ3asmee91Z8Ocz0A==\r\netag: \"7abbfd5036776ac99e7bdd59f0e733d0\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: be5b91398f40b01568398f40-fdbdgdc61g18g177gg17\r\nx-tos-response-time: Fri, 30 May 2025 10:58:09 GMT\r\nx-request-ip: fdbd:dc61:7:149::23\r\nx-response-cinfo: fdbd:dc61:7:149::23\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01c777f8d00428c0ef263014377b7f8cc5a03e85aa560c0186e34e9b0a37725fc42e016db07016bace0f99cd3a0f53a1b49b895efb2c77c471d1bb7b652daa0ace129283222dbb42e4fac9f45d51db0c8b20ce9885edd506b763998773fb51caf112dff34f205ef4fce76fe8de6fc9c598cb4ce309af22a6d241ec5f2c90b645a3\r\nx-tt-trace-id: 00-2505310901053A5FF392F057ECB6CA17-282640AFED608DCD-00\r\nserver: TLB\r\nx-tt-logid: 202505310901053A5FF392F057ECB6CA17\r\nx-akamai-request-id: 1d91996.117e5ed8\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-range: bytes 0-127233/127234\r\ncontent-length: 127234\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-20.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=2\r\nx-parent-response-time: 4,23.61.206.68, 2,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":127234,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"7abbfd5036776ac99e7bdd59f0e733d0","sha1":"a7d1d7fd53c0c4b915629b030457df1bc95b2089","sha256":"2967fb76be6f7294c8e8f2967b389baa6778ba2cb7f6141dadcf996c92c6edff","sha512":"44ace5efe320457849c3551a7673218747545029462f06137417c9fa4100107f4d72f29413b8a264b24cd8547478fc85e1409a69a6efecfac14aa9c61460d3f7","ssdeep":"3072:SSV3L96dIRQMlSBNNMuuM6OGDK0dAzenBZwafQ:SSV3BlcVuM6rKcAzeYafQ","tlshash":"12c3f172a6c02937ec74733320ea62436745a064a0796bd77c9e8135cfb92eb5f92c94","first_seen":"2025-01-28T12:57:32.249392Z","last_seen":"2026-04-22T12:22:42.018594Z","times_seen":581,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":28,"dns":0,"connect":0,"send":0,"wait":11,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/3.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/3.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: 4H1t79Mq04BMA1tgc3uvQw==\r\netag: \"e07d6defd32ad3804c035b60737baf43\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 625d203908ec209a683908ec-a362d28\r\nx-tos-response-time: Fri, 30 May 2025 01:25:05 GMT\r\nx-request-ip: fdbd:dc61:5:308::66\r\nx-response-cinfo: fdbd:dc61:5:308::66\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 019c3d20f855fa773934976d96ab061657313d5acc0e2835840844ec69567424e8fea77e4dd42edc9d55013c664c912c63ac28999e3abfbebc7bc0586b403474f207e1f3759e29575636aa67a54831eaee1e77405b149afae7505423dd2b3d4a859ada79a3b20f3f411f4357c3709dcd98\r\nx-tt-trace-id: 00-250530060004E5078BEFAA71F13BEFE7-6D0765830273E575-00\r\nserver: TLB\r\nx-tt-logid: 20250530060004E5078BEFAA71F13BEFE7\r\nx-akamai-request-id: 93ba05a.117e5ed9\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-range: bytes 0-186491/186492\r\ncontent-length: 186492\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-77.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=1\r\nx-parent-response-time: 13,184.27.176.7, 4,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":186492,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"e07d6defd32ad3804c035b60737baf43","sha1":"250d3a10c49077d62f168b0ce1d7b0d3f2653205","sha256":"077f3502a396fadd98a2daf1500b6d4a0788ed88d82cd0e3f3f503c078408590","sha512":"4f974d0324951f687a5ca7998033da50b70096220e7e809934149c103685843104163173e9b7551ad405e1515c03ce5b1cdafdea54ed8b3d183a3dc26b957772","ssdeep":"3072:t6qvF+fdgX2GwFo3X9oxNrEduhECunrw2c1MjH7a8R95TMlLfoYNAnVw+:gqNrf+xNr+w2coH7Fn7","tlshash":"6604f1f663e5297efd79bfb349f050832a07daa192b80bc7bd9d24404fa16950f01d98","first_seen":"2025-01-28T12:57:32.252897Z","last_seen":"2026-04-22T12:22:42.041312Z","times_seen":581,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":27,"dns":0,"connect":0,"send":0,"wait":66,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/js/lib-arco.afd3802c.js","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/js/lib-arco.afd3802c.js HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"295368-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":295368,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"66296ae08db9dce0b0ec23e84f1cfa82","sha1":"bbfb60f99fc2b9d2cd418c0ef49790688f83d47b","sha256":"4167eb82e602d4d57bf9d4c41cfd52696be67c0e53cf870b1a48ddbe76847cb5","sha512":"78f0bb30c14c0471032453920e4dce8674bad7f260839843e3892e659e9bf04528767e6eeb6d506535cee8af6595546886318bb95369f8787ad21512749cd373","ssdeep":"3072:IgXb9MtoaJJAtDW6Wu8HI83tcWJpaWJA9H2LvVbEmpNkcsQREkjFNdIw0XhJsBk:e337JpaWJA9H2LvVbn9sQREkuw8ek","tlshash":"13542dd87254b0a593fb41b6803f180ef33b361cb8398d50e2b5e8d474a5649a52bfbd","first_seen":"2024-09-28T07:23:58.35934Z","last_seen":"2026-04-22T12:22:42.013756Z","times_seen":583,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/right.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/right.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"159809-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":159809,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 856, 8-bit colormap, non-interlaced","md5":"8d20adbac9e57d69b5176d6f1f2712a0","sha1":"fad8823cc30c7992af981a8ff8a989da3c3a9582","sha256":"da2acc95916ee3c297a16e39bbd72cc593d1da394c57cbe19450034867ca25e8","sha512":"4501e258f3fa38a7d05845572e2b8a426b3e8c2e984dd78eb01b5ab72176cad30ba5f74751e53a450f017fad90605b14a7bc986e4a9c092110409925a916469f","ssdeep":"3072:glI3NvkqTnGnaqlv7PyMkAQBlZEzzCiDAIzXCEL5FtMqc14:B3NsqTnGnJvIlZEzzC0rN5FtDR","tlshash":"75f313665d1d1ed36c55bbc7ce43a562062c7c45f4c8d25a84b3508bba2b2bbf4f48c4","first_seen":"2024-11-19T07:54:21.378091Z","last_seen":"2026-04-22T12:22:41.994244Z","times_seen":500,"resource_available":false,"data":null}},"time_used":1056,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1056,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/8ea836f9a8c44e2693e28007382e504a.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/8ea836f9a8c44e2693e28007382e504a.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"4687-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4687,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"3cfe19ee2948dc3d801afc4b6c25339f","sha1":"1e908d24b3bb21908191a504c74ee0be3e3a4d2c","sha256":"e71399ca790a567d6f46af5c957a8a4fbd3631a19f9d7c527cc82e57a4048cfe","sha512":"5632e7dff15dfc0b4f46526316d8ae3c432186f1d93c09ca3705c119eee3403fff465bd928c4858de2c8df0ab25588ba8072ca07f91b54b7d5c373292676d2b3","ssdeep":"96:BGTOMOPApcEyL+sCKjU1gjfe/2dYwZveG9evGEHK1:wT2YpcVdbc2dYwZveKetq1","tlshash":"aba18ef8b661c7fdb42d39b13a922c4bf51914c709e88f0eda4e4d5c908bd08d537682","first_seen":"2024-08-19T16:11:10.100895Z","last_seen":"2026-04-22T12:22:42.03667Z","times_seen":595,"resource_available":false,"data":null}},"time_used":1055,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1055,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gzsycfz.com/static/picture/a5541bc32521444297734d1941980fb1.png","fqdn":"gzsycfz.com","domain":"gzsycfz.com","tld":"com"},"ip":{"addr":"45.135.237.29","port":443,"asn":140683,"as":"Starbow Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gzsycfz.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Feb 2026 06:51:15 GMT","end":"Fri, 22 May 2026 06:51:14 GMT"},"fingerprint":{"sha1":"41:70:26:A5:79:EA:A2:86:85:00:9A:E3:00:28:BA:92:B5:0D:9D:40","sha256":"C2:1A:8B:29:A1:44:BE:EB:11:9B:E4:80:D2:88:9F:A5:DA:13:76:51:28:40:89:6C:61:8C:6D:84:FC:74:EB:FB"}}},"request":{"raw":"GET /static/picture/a5541bc32521444297734d1941980fb1.png HTTP/1.1\r\nHost: gzsycfz.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-type: image/png\r\ncontent-length: 692\r\netag: W/\"692-1749197948000\"\r\nlast-modified: Fri, 06 Jun 2025 08:19:08 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":692,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"ff07113820ad52c6e5c0f75c21428f3b","sha1":"271ed7252f4d39d46d2ef4e48edf2b04c27b67ec","sha256":"976c68a350447bfd3796db2baae82188c022cf70d5c409e0879a2e6008e5fc7f","sha512":"6fef03bb55bf09f188ac672f38143bfc9c3dd605c09b2a9ca96f638b944ff76ad64c1efe46b6c635b456fbc8521a645253e15287a5570ac8a9108ee558e19851","ssdeep":"","tlshash":"210144c7c9913476f9d2fc7142bda801cc18df3a4e228113491884f66165b43b95e7bf","first_seen":"2025-01-28T12:57:32.307069Z","last_seen":"2026-04-22T12:22:42.04509Z","times_seen":560,"resource_available":false,"data":null}},"time_used":8550,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1051,"receive":7499,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-16","alert":"Phishing Block","trigger":"gzsycfz.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"gzsycfz.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Store_page_new.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.66","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gzsycfz.com/","date":"2026-04-16T14:47:42.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 12 Mar 2026 00:00:00 GMT","end":"Sat, 26 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A9:C3:B7:47:40:78:CF:86:98:DC:CA:7F:86:25:55:24:18:EE:CD:2A","sha256":"A6:AB:6D:DF:58:71:C8:DC:08:42:BE:35:0B:4F:F4:AC:95:F4:B2:52:56:97:EA:18:BF:EC:B0:33:28:0D:80:DD"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Store_page_new.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gzsycfz.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: y+8FYN5lA1fzC27aNOnFxQ==\r\netag: \"cbef0560de650357f30b6eda34e9c5c5\"\r\nlast-modified: Tue, 27 May 2025 06:41:37 GMT\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-tos-request-id: ed31fd9d4a9d36c0699d4a9d-a7b6eb6\r\nx-tos-response-time: Tue, 24 Feb 2026 06:52:13 GMT\r\nx-request-ip: fdbd:dc61:b:333::54\r\nx-response-cinfo: fdbd:dc61:b:333::54\r\nx-response-cache: miss\r\nx-tt-trace-host: 019a90abba87a018a32d4f7c33a3e05532918d45b6f74b009f844e7b088a3be231c58fdc0dc6048eb74f9feedea6e2eaa64b4fff2dde6b2568fd30a5ecd7eaeb5d1b93f995dc8b4485e7c64e5c586ae500cd415f7f85558a0f163c27c82d26cd5272ce6fe38ed5e9af3176e3ed342c982e\r\nx-tt-trace-id: 00-26022414521362E026763A1DD9839C0D-26B4B66D4BB2F922-00\r\nserver: TLB\r\nx-tt-logid: 2026022414521362E026763A1DD9839C0D\r\nx-akamai-request-id: 1583b0c.117e5ed5\r\ncache-control: max-age=2592000\r\nexpires: Sat, 16 May 2026 14:47:42 GMT\r\ndate: Thu, 16 Apr 2026 14:47:42 GMT\r\ncontent-range: bytes 0-831553/831554\r\ncontent-length: 831554\r\nx-cache: TCP_MISS from a2-22-55-55.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-cache-remote: TCP_HIT from a2-22-55-117.deploy.akamaitechnologies.com (AkamaiGHost/22.5.0-aaef44c942a33f2d231f7120051a5b09) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=131\r\nx-parent-response-time: 4,2.22.55.55\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":831554,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"cbef0560de650357f30b6eda34e9c5c5","sha1":"b5dc34a50e3dc3ef09f9afa17ba4a66228d0d95b","sha256":"1b9b48ce8bab227e7242cc829fe535f64ced5f9e876786c498e3c32692c5ed1b","sha512":"f8cf6586b04b8dec7d7ffd4c7616969495fb1a52688ee4805b4e5aeba060307a7acdc566e019b79b7b57a074af1d37b0c2bfba366c32076751bb03ff3513722b","ssdeep":"12288:3+zHu5RNG6tShn3XHMhl+aUvg8Lz9GcctZI4bsak/WmkPpRCs/FxnSkTcxLhv:gO5WISBHI4vJ9Gcc9prFxnSD1","tlshash":"3a0523dbb2df6d9dcebd3732ac720643967bf945019483e7a66040f4a9f50692e180f8","first_seen":"2025-01-28T12:57:32.27221Z","last_seen":"2026-04-22T12:22:42.029418Z","times_seen":575,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":33,"dns":0,"connect":0,"send":0,"wait":8,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}