{"report_id":"999ced4e-8a93-467c-bee9-0231da0d0234","version":6,"status":"done","tags":[],"date":"2026-03-23T03:47:41Z","url":{"schema":"http","addr":"qgwjg.com","fqdn":"qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":0,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"http","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"title":"永乐高·60net(中国·集团)官方网站-Best Of Best","dom":{"size":2072,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1397)","md5":"f71d6c9956692b96043c21d1bee9b771","sha1":"66c2826ef98f14694eb26170c7199c7a7e0216ff","sha256":"b0c0aba97a30fb9dd8a85d4e6b2fce8e4d003fe6623acd68b538b7f9a35b60ce","sha512":"8517ce39015cb1e85e5ce21549dba60465130a51c01a01bd548318c1b45d56b4e9d930f50b55061cf136f18d9584c6a3947012cd52e0bc56a1366ffceebc1929","ssdeep":"","tlshash":"b74110ef1c40da595a9259e8a9ebf20cc86e0517910ccc07f4d9d0cd2e68fd5486335c","dom_hash":"domhashbbe4ca4e66a8b6025c3760a6ff574296","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"qgwjg.com","fqdn":"qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":0,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-27T03:47:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"test.xinxiyidiantong.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"mzj.pds.gov.cn","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2001-12-24","domain_rank":0,"first_seen":"2026-03-23T03:47:41.973526Z","last_seen":"2026-03-23T03:47:41.973526Z","alert_count":0,"request_count":16,"received_data":46416,"sent_data":7162,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.hnzwfw.gov.cn","ip":{"addr":"222.143.21.19","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2017-02-23","domain_rank":3134019,"first_seen":"2018-02-17T17:54:52Z","last_seen":"2026-03-02T00:52:51.537517Z","alert_count":0,"request_count":2,"received_data":5246,"sent_data":875,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"test.xinxiyidiantong.com","ip":{"addr":"27.124.44.50","port":2096,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2019-08-03","domain_rank":0,"first_seen":"2021-06-25T14:04:50Z","last_seen":"2026-03-21T06:33:27.022221Z","alert_count":3,"request_count":3,"received_data":42827,"sent_data":1351,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.pds.gov.cn","ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2001-12-24","domain_rank":3771650,"first_seen":"2017-01-26T13:00:56Z","last_seen":"2026-01-23T16:15:54.144469Z","alert_count":0,"request_count":4,"received_data":200481,"sent_data":1811,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"user.pds.gov.cn","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2001-12-24","domain_rank":0,"first_seen":"2021-05-14T08:33:02Z","last_seen":"2026-01-23T16:15:53.610311Z","alert_count":0,"request_count":2,"received_data":0,"sent_data":928,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dajiafa888.com","ip":{"addr":"143.92.57.36","port":22118,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2024-10-08","domain_rank":7213971,"first_seen":"2021-01-31T18:30:24Z","last_seen":"2026-03-21T06:41:02.274692Z","alert_count":0,"request_count":1,"received_data":3293,"sent_data":768,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"pds.gov.cn","ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"domain_registered":"2001-12-24","domain_rank":429856,"first_seen":"2014-12-13T00:22:52Z","last_seen":"2025-09-10T05:53:04.978075Z","alert_count":0,"request_count":3,"received_data":0,"sent_data":1385,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.qgwjg.com","ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":25,"request_count":25,"received_data":97226,"sent_data":9177,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"qgwjg.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":2,"received_data":189,"sent_data":872,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-03-16T04:41:01.468216Z","alert_count":0,"request_count":2,"received_data":721,"sent_data":776,"comment":"","tags":null,"fingerprints":null},{"fqdn":"push.zhanzhang.baidu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1999-10-11","domain_rank":1485849,"first_seen":"2015-07-22T05:44:02Z","last_seen":"2026-03-19T01:54:50.296368Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":336,"comment":"","tags":null,"fingerprints":null},{"fqdn":"zfwzgl.www.gov.cn","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1998-12-04","domain_rank":1440541,"first_seen":"2021-01-06T20:47:21Z","last_seen":"2026-03-20T12:04:56.567702Z","alert_count":0,"request_count":2,"received_data":1886,"sent_data":884,"comment":"","tags":null,"fingerprints":null},{"fqdn":"auth.mangren.com","ip":{"addr":"60.247.145.81","port":443,"asn":38283,"as":"CHINANET SiChuan Telecom Internet Data Center","country":"China","country_code":"CN"},"domain_registered":"2002-08-11","domain_rank":4712527,"first_seen":"2022-04-28T09:09:34Z","last_seen":"2026-03-11T23:09:38.924584Z","alert_count":0,"request_count":1,"received_data":184,"sent_data":438,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fcl.xueyuxingfeng.com","ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"2021-06-17","domain_rank":0,"first_seen":"2021-06-17T13:30:21Z","last_seen":"2026-03-17T00:31:00.03382Z","alert_count":2,"request_count":1,"received_data":3641,"sent_data":428,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"zfwzgl.www.gov.cn/exposure/jiucuo.js","fqdn":"zfwzgl.www.gov.cn","domain":"www.gov.cn","tld":"gov.cn"},"ip":{"addr":"36.112.20.164","port":443,"asn":4847,"as":"China Networks Inter-Exchange","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"6ceca9849e3ac1a8b22a998d3f299c15","sha1":"829911ad240e6663f9e4a67ef790cd237d2e596d","sha256":"e00d4b4e99a212980e4d697ae1082e5dd9e583bf321d795e97e52c4ac30177a0","sha512":"06a2707f60ad806c5454fc004b48f435342e2b16051516a5352d43024b56912fcf50902207c00faed7810efea6f70a81c0c1a6aad9cf52658890b2594475a9c3","ssdeep":"","tlshash":"133115e220031d37567a12b1637d220abaedae71cc1dc504ac2c468716ac65af2235fe","size":1474,"data":"","first_seen":"2023-03-12T11:40:32Z","last_seen":"2026-03-23T03:48:11.409576Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/js/index.js","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"24f89c73a7d12dab2282fb164bd42c2e","sha1":"7307b91f85cc387ba65391638338a986c2f534d4","sha256":"4c4a990e54c571b654a26b6bef17105d73b5188d8d2817039213e4b171c63b19","sha512":"1a07f48d740c4d98c42523ff3027d6260b90b5fc813946eab2651313f2ff12bad248f76874c02618056c0356c2f9dfeeead3c8a376e821d28f8e710a22a2c419","ssdeep":"","tlshash":"0151b05a62f312359077346e0f9f50183164d0a387469d00be6cea915fe0d39dab5bda","size":2898,"data":"","first_seen":"2026-03-23T03:48:11.399982Z","last_seen":"2026-03-23T03:48:11.399982Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"9cab9a9052b5be511ecb7711dbd818d4","sha1":"7fa17ee99dd169cc6f10537ddf3b1950b02e3b46","sha256":"7e52c1f0ffc04067cb5bee125ade1776445096a4ccac83a602da27d8e60663c3","sha512":"1e0fbe16daa57d6cea8adab4f54c23fda708b2f7bd7d1902417990f826759d51eeb6861faf74132d11ae11a4433a6391d8aff4932ca35bef67a65197485423db","ssdeep":"","tlshash":"6a9004dc0f1010c5050c1d45150d0c0f0c5544df4414cd3c3c0341d51cc0514f330c71","size":42,"data":"","first_seen":"2026-03-23T03:48:11.410942Z","last_seen":"2026-03-23T03:48:11.410942Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-05T07:45:35.102707Z","times_seen":81715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/master/fun/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"12de2458417cf5ada96ad1a853cfba81","sha1":"b8782615c9815c72070a4e785b95acd056cf397c","sha256":"2694bee860690e5659d75440ecb916c6cb8ee8310b4c0bda653b10ea2a0a0f85","sha512":"08b2e31e58dac46f0300639446090be0608bc290192bb66e6bf32f9c1c0d5b9782df890b8c9a9b4f10a4c87b80d0b2c44e785444eb8d0d86c5f20cf8b9b54fbb","ssdeep":"","tlshash":"be611f54ef8d20338e133155ae6f958c24be68577958eca7f84c64d44fa0d38852beac","size":3363,"data":"","first_seen":"2024-10-11T08:18:50.521405Z","last_seen":"2026-04-05T01:02:30.533414Z","times_seen":318,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pds.gov.cn/js/publicTools.js","fqdn":"www.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"35bd846ec2da7abbbd9af5073ff17ca4","sha1":"8a64460e4366c7727029d54ca28b9817295b8260","sha256":"8619cf176e037beebcc2f7f9994ead69f8003c63d07c92968f320c91e135ab70","sha512":"474ee3adf44c4a831fc5cd73b419647c3a4faf99a2ba10afc4246d2d1fec061448e24bc63b2a61785c276511750cdbe5f9d552f8c4a5269c72920542a897ea76","ssdeep":"","tlshash":"5a518324f1f06625333b902de65182cafd70011786479a18be8debe2af34c691a3778c","size":2884,"data":"","first_seen":"2025-07-19T18:36:53.831814Z","last_seen":"2026-03-23T03:48:11.410052Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"c8b186cbcb684ead15a15cff4f54c1ec","sha1":"9f04da34c6d30fe2b2611f7990071db36759e64c","sha256":"3568f4be75f0e6e00d860da6497b5a6a6932e559cdfb2e89bb7858c9d33a6c72","sha512":"36c5bcf75d0a9294d9930a8c0ff8905da0233c4c85677fa78586924515973ed6ae891984950d410e630d53b3739de829aa3f80f69362e467068a83aba7fa3fa9","ssdeep":"","tlshash":"f960008802820008800800800008020a800280808888a8008820b00020000022000008","size":15,"data":"","first_seen":"2026-01-23T16:16:18.305042Z","last_seen":"2026-03-23T03:48:11.413191Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"db7b1cee38a98f75417aea265aeae664","sha1":"1c44e4ce787a302e476463412d77f6b81a8ae54e","sha256":"2129da4b91dab153e545b56528b8b8fe354370aea75b3dfb874a4983b90692a7","sha512":"125184e4209f6b93d89faaf191b1f78fbbe6597a6267a7747d16ef280b73c2cbbe4409ab7f30bfa73f5265a2a25f30c9cd69628c339b049a92f5be9a9ab917f5","ssdeep":"","tlshash":"be8004c77041f400030513340c4f4d0774dc14144c04030d751040701c13c115313dcc","size":38,"data":"","first_seen":"2026-03-23T03:48:11.419235Z","last_seen":"2026-03-23T03:48:11.419235Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7554e3cf72f623e40b358c1f414abd2","sha1":"b9c866aa34883534d98c95632d1c1645523ebc1d","sha256":"4bf80fa7bb5309252f991d347e59be712934a9409fa1cb2b54cb8bddf1568aa7","sha512":"fa684774c579820de45cdb92940728ef9db5f432841d19efc827e3197d887aaddd8ac8cca8ac196fb8cddac288f7dd3b836f32d755ec5d77ac88c300d8353069","ssdeep":"","tlshash":"9df09eaee845a66426d625fd579bd648d15e0024d00ecc03a8d5c5cd2c3cfd9052134c","size":502,"data":"","first_seen":"2025-01-30T05:52:15.29779Z","last_seen":"2026-03-23T03:48:11.420108Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auth.mangren.com/boots/mzj.pds.gov.cn/esdToolsInit.js","fqdn":"auth.mangren.com","domain":"mangren.com","tld":"com"},"ip":{"addr":"60.247.145.81","port":443,"asn":38283,"as":"CHINANET SiChuan Telecom Internet Data Center","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"4db64ba5d34c0142023d405bcce73910","sha1":"6a8631848758d9eba1c86cebd2a584f528e68703","sha256":"bec1b9ef8c5631992792e3533ec3f1c67d5a67196632ae7034d7ce84e1653a9e","sha512":"2e64d64a66aaa4e07ced3aa7b5d61c4a224d6115d9c43c41567464b5e4204c7d8c7e879561028c1c71e7686120327732cab10f5d4f23a9515d3666114827a250","ssdeep":"","tlshash":"9450000300000000000000033c000f03c00000c3000000300c000000c03300c03c0000","size":10,"data":"","first_seen":"2026-03-14T12:27:08.144287Z","last_seen":"2026-03-23T03:48:11.403964Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"42e6b3fe22dd6d030f6aa7a1180f7d16","sha1":"2046d54a972ba3c01e53189dddaf1985c3fbe6eb","sha256":"fbe99aea61a279840efa5122beb9ddc988030b861e54a3c7207911bd9d4b5e9f","sha512":"525ec1c921c9f8d1bee0171797f4af584d2e3d6f7c6bb5e981e7fdb3b7e7ed9f1ad4e234afd802acc3a18ec1b65b415eaa37b31bf3ff8acd064dc542eb398cc6","ssdeep":"","tlshash":"8dd0a781b312444c500ca002d39ed09a5ced8dbb0110dc7bb7bcd5a7054105fe3ac59f","size":221,"data":"","first_seen":"2025-07-19T18:36:53.872118Z","last_seen":"2026-03-23T03:48:11.421106Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"c64e3baf156ff5dfb3ae5bbcfdd77bc2","sha1":"0872e597aa2962a4d45b47e0fc3a46001005b127","sha256":"a44e42623cf9f6f77eb9265846624051502ed3c86187df8c2761f23d20451db0","sha512":"b70c4c49682aaa361655e0bdd2c2811d85595f28e2233a90948c6a44e21dee043c6402ef33616f19b143b6974c80a4bfd6d7b6f2706abca36c188773538ffa3e","ssdeep":"","tlshash":"6b21061578e221869e2bf6fac52fa53c3864d407446dce563a6cd2808f2417ce685acd","size":1207,"data":"","first_seen":"2026-03-23T03:48:11.422071Z","last_seen":"2026-03-23T03:48:11.422071Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/jquery.la.min.js","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"88692e77be81c5aa7b55949b26c0abda","sha1":"52ef4ff211dfc042123d0fbd034ef5820e8d4bb8","sha256":"eb44957e9d4bcea084f5047a156bc86c2a9687fd0f2dce6bdcb263b9c0298960","sha512":"eea410c44fd103c1c0add4c23be8db67eab4dee4cbc17330d9872777d3f49b402f241dc3bfbc05b5a81fb2ba60968ca4b69e10cbdc236e040f7be44404797595","ssdeep":"","tlshash":"0221af5fbc06e2606b55297b33b7ddace9ed10325409dc0659eac46c3c29ff94512a0c","size":1219,"data":"","first_seen":"2025-01-30T05:52:15.24859Z","last_seen":"2026-03-23T03:48:11.39193Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"71d683fe30d7b16a4d017adc3cedcb9f","sha1":"621aa7424ce75585ccf0a70c04b646e6d0d88897","sha256":"1caf4fefad4c31c4f18aed63b91ca1ba292fb7f0b4e723dd5b4c9cc8a7f70367","sha512":"58d64060c18cd8b327f090e8558654fa0ca13823347b8619e81147f253ee1af72152f58fe868a61b5aa1f300d342d2414ae2ce2901605d4e39163da34ebf81c8","ssdeep":"","tlshash":"5af09e6fd841a5546bc224b95b9bd648d0ae0925d009c413a5d6d8cd3d38fc4043235c","size":502,"data":"","first_seen":"2023-05-21T11:30:02Z","last_seen":"2026-03-24T17:58:34.728785Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/jquery.min.js","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b5423e72ea20a41a09de130fd10ab6e","sha1":"c52a85615bcc85d5754ccb34698d09d4739107e3","sha256":"88746c42735c7c282add4d40ac4e2117973b081ab6ae08656221885c2155cbea","sha512":"4c43f0ff7f192a84f50b66cb0a075c778e4dd767d357d873ac9ee3d702465c673d9220e74a8286710e758935bec2804b739e258d587592ad89c9acb35e43b9f2","ssdeep":"","tlshash":"2c014bdc87c8d85b6ecc5e43ea24deca61b2823b97d831838329fa8c01a9152c89c459","size":731,"data":"","first_seen":"2023-03-12T23:00:27Z","last_seen":"2026-04-05T01:02:30.5379Z","times_seen":145,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hnzwfw.gov.cn/gbkh/lib/tyrk/unified_entrance.js","fqdn":"www.hnzwfw.gov.cn","domain":"hnzwfw.gov.cn","tld":"gov.cn"},"ip":{"addr":"222.143.21.19","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ece1729224026789b8d1b5c6e39719a","sha1":"6f31f30eb8d2f3112d2d021e689b8e694b225f66","sha256":"b4e0d39b745b7febe68ddc146f2b737a404f20d9f9b01fff119e42451676485c","sha512":"a60ee4efbc879798602878d9ed27f8aff7361d678e30f82e3c552ca41ae3413272e91703deb2255e9bad43e879ffecefe4e822f4f2b026c2e222ae19e22a58f4","ssdeep":"","tlshash":"9d41bb86284252b08afb62c29b2b604cfd71963f2840c5663bbd47c11f74976e187fce","size":2378,"data":"","first_seen":"2025-09-06T14:50:54.632423Z","last_seen":"2026-03-23T03:48:11.392527Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sdk.51.la/js-sdk-pro.min.js","fqdn":"sdk.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8a41c9449b73e8ba0224c6be1f0b7e8","sha1":"33d79319d4110bcf5c44c36f7dd4a291972ac546","sha256":"52079c09a7355f4ce3af750602ebb9aebae8238583601f8a06268eecccf13565","sha512":"472d0395a65a3ade2d215559b196a88ffcdacde3ac0f573eb8663b524f201d72c9339bcacbc198d82452a0ac367c0efd407b12795943cdd2755d95a8cf71b977","ssdeep":"768:swetbD3SkE+a/l1jaKUiQU5eqEh9GMXBOXAA/EXBeJMlbJfuPT:BetbD3SVT/3+KUc5eqEh9GMXBYEXBeJ7","tlshash":"dbf23d9577c0317cc3c783ea362b501ae1a69e910059a8bcf345f6907d34e56a37fba8","size":36114,"data":"","first_seen":"2025-03-10T03:40:31.536734Z","last_seen":"2026-04-05T07:45:35.102707Z","times_seen":81715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"bee2003ad6753c4d9b385bbc31dca9e1","sha1":"2098e27802321e251c8787240a7a137556c54685","sha256":"e528aa7f7f0602e40de139772f2baa6d89bb285fa278fe34a74c08f2408edfc0","sha512":"1d5ce7fb795c274c6299793cf6fd1c7d27bbb92b13db3ea942156164c1120cacee7bf8b49fe2d694ed60428926082f8f8eec39187916309497db9ddac00f2ca9","ssdeep":"","tlshash":"82a022033e02c088ac0200e3b0b0f83ce0e23823a882ec0ccef202282c823c8ce00802","size":78,"data":"","first_seen":"2024-02-28T16:44:35Z","last_seen":"2026-04-05T01:02:30.549355Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3f9e2b0b408bee839cda9c23a7727f22","sha1":"d3bbb90c218fd507ec4d90e9d222eae425228747","sha256":"5a3776938bbc7499179fdd2ca133acf9f05e50a151c5b48ab68ca2b6802c8b56","sha512":"1c69c53d66e361afc94939b72fb7c4c42037a6d32120b2f299b570fb3426d03eaf011bc04130dec0f915db17b981cecd53a72a16872598234964916b79bda716","ssdeep":"","tlshash":"cbc02b835c01cc0c47010accd0a3fc2cc0a0f12a2114ec9dc0d030dc21816e908021f0","size":136,"data":"","first_seen":"2023-03-12T23:00:27Z","last_seen":"2026-04-05T01:02:30.545262Z","times_seen":144,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"45d3ca15a1348dc7b57887e7d3161525","sha1":"da366dc32904457b587b9870ee8702ba9e048e30","sha256":"c9f11f662acb96da355883a000663eb6f4fb641a9e7fc81e7453efb68a2406b8","sha512":"8707c88908ff9a5eda53285c58e7fd70f257f848cd4d8913d756b17794c52440971206793b5ff2576784ca4cfc6bd351186d212eab3db5d5c48ce6a2107d4f24","ssdeep":"","tlshash":"ddf0467319805d0f6371c225f8dab895e9829947866c98d2f0c9309f1ff0f68e4d329d","size":609,"data":"","first_seen":"2024-10-16T13:13:51.577226Z","last_seen":"2026-03-25T21:03:19.749322Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0fddb07eb1780e57ec94d309b93923e6","sha1":"c25927429cd8e44a8f54c507a4b838c509034fb1","sha256":"e3a8396296aae451435ddae74c2b42b799e57161ffd4b9855aa377e70367b5ca","sha512":"e0621632c3f0c1ff772ed6526527329a84c4af168a96809754443f0fef815ad707cb8d2fae3e68ec483a4e241fae1973798be0913a8c868cc0345137c75b9883","ssdeep":"","tlshash":"f6f09e6f5c41e5545bd224995babd24cd0ae09255009c413b5e6d8cd3d38fd4083635c","size":508,"data":"","first_seen":"2023-05-21T11:30:02Z","last_seen":"2026-04-05T01:02:30.546983Z","times_seen":141,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"640dc60a363b0a72eb413851668cd998","sha1":"fc2b8497596d95e130d264a17f5d54f9724fdaa6","sha256":"893b6638adc263448e07559ecb06a0c082dc96e758e2308d96b03a5c298f5cb7","sha512":"307090f1842d2a8c773f6c7a66684dacc81cf7c487883a8e11938eeaf17a8df0b2ee1e2867680ef3d31c1e8eee536a13545722a351c8447fa104e3723a3f516c","ssdeep":"","tlshash":"b4f09eae6c45e6641ad625dd57abd24cc15e0024100ecc03b8d5c5cd3c3cfe9052534c","size":508,"data":"","first_seen":"2025-01-30T05:52:15.308709Z","last_seen":"2026-03-23T03:48:11.425531Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/ico-5-6.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.371Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ico-5-6.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-23T03:47:20.786Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:21 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":26255,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (549)","md5":"8a437533ece593fcb4a19c31ffec7705","sha1":"e8a82ee1f4ce47ea27019dad0a907591db26a588","sha256":"9b8fb417930ca02aa578bd29bc6df2401a9168b55f1e27112008d1ef7664032b","sha512":"8a999ddfb94d3dad0d5e42a6a35078cac2cfea180f7caee9b8acce367d337fc5220c2c3892f87268fb4ae4f0cafac0c5caf07e0d577761df2f46a94158134ed2","ssdeep":"384:vHfgfzY527doII0JaCt4fc6x4GyPXRVYsNJJvZOjQH70HNyHidHwH4JCDH/2gNwr:/b2OmzJjSQbUNiaA5Q+NSuC6T94/","tlshash":"20c2c6b78ad0e46703caa6d5ea74e71dd143a517c8228906b9fd93db2bc0fd58e0709c","first_seen":"2026-03-23T03:48:11.39097Z","last_seen":"2026-03-23T03:48:11.39097Z","times_seen":1,"resource_available":true,"data":null}},"time_used":470,"timings":{"blocked":146,"dns":1,"connect":145,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/timg.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.369Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/timg.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/bj.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.877Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/bj.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/bj.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5966,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/jquery.la.min.js","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:24.161Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.la.min.js HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:24 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Wed, 12 Nov 2025 05:27:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"69141ad2-4c3\"\r\nExpires: Mon, 23 Mar 2026 04:47:24 GMT\r\nCache-Control: max-age=3600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1219,"size_decoded":0,"mime_type":"application/javascript","magic":"HTML document, ASCII text, with very long lines (554), with CRLF line terminators","md5":"88692e77be81c5aa7b55949b26c0abda","sha1":"52ef4ff211dfc042123d0fbd034ef5820e8d4bb8","sha256":"eb44957e9d4bcea084f5047a156bc86c2a9687fd0f2dce6bdcb263b9c0298960","sha512":"eea410c44fd103c1c0add4c23be8db67eab4dee4cbc17330d9872777d3f49b402f241dc3bfbc05b5a81fb2ba60968ca4b69e10cbdc236e040f7be44404797595","ssdeep":"","tlshash":"0221af5fbc06e2606b55297b33b7ddace9ed10325409dc0659eac46c3c29ff94512a0c","first_seen":"2025-01-30T05:52:15.24859Z","last_seen":"2026-03-23T03:48:11.39193Z","times_seen":24,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qgwjg.com/","fqdn":"qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-23T03:47:19.161Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":503,"timings":{"blocked":503,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:26.703Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 374\r\nOrigin: http://www.qgwjg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://www.qgwjg.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 03:47:26 GMT\r\nEO-LOG-UUID: 5632954239256097429\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":433,"timings":{"blocked":147,"dns":0,"connect":19,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"43.159.107.113","port":80,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:26.686Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Length: 376\r\nOrigin: http://www.qgwjg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 210 Unknown Status\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Origin: http://www.qgwjg.com\r\nAccess-Control-Allow-Credentials: true\r\nServer: TencentEdgeOne\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Mon, 23 Mar 2026 03:47:26 GMT\r\nEO-LOG-UUID: 14067855359155112966\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"210","status_text":"Unknown Status","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":574,"timings":{"blocked":164,"dns":128,"connect":19,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/ewm1.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.248Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ewm1.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/ewm1.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1918,"timings":{"blocked":1735,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/ewm1.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /images/ewm1.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1473,"timings":{"blocked":733,"dns":689,"connect":8,"send":0,"wait":0,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/upload/images/2025/9/fc001a4b16e7817a8a23b704a4895529.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /upload/images/2025/9/fc001a4b16e7817a8a23b704a4895529.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1464,"timings":{"blocked":729,"dns":684,"connect":17,"send":0,"wait":0,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/upload/images/2023/1/d16e73b21ade0a937b85384accd71de4.jpg","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.362Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/images/2023/1/d16e73b21ade0a937b85384accd71de4.jpg HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"push.zhanzhang.baidu.com/push.js","fqdn":"push.zhanzhang.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.937Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /push.js HTTP/1.1\r\nHost: push.zhanzhang.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":3,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hnzwfw.gov.cn/service/lib/tyrk/unified_entrance.js","fqdn":"www.hnzwfw.gov.cn","domain":"hnzwfw.gov.cn","tld":"gov.cn"},"ip":{"addr":"222.143.21.19","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:22.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hnzwfw.gov.cn","organization":"河南省行政审批和政务信息管理局"},"issuer":{"commonName":"WoTrus OV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Fri, 14 Nov 2025 00:00:00 GMT","end":"Mon, 16 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B6:50:95:D0:2C:2E:3A:8A:64:9F:D3:7F:71:02:2A:4D:EA:56:A7:B4","sha256":"45:12:70:54:C5:54:3B:63:CD:A3:00:56:81:96:E5:87:73:0A:D2:A0:8B:EC:07:B7:75:DD:42:7A:03:5F:A8:BE"}}},"request":{"raw":"GET /service/lib/tyrk/unified_entrance.js HTTP/1.1\r\nHost: www.hnzwfw.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Mon, 23 Mar 2026 03:47:22 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2378\r\nLast-Modified: Thu, 15 Sep 2022 14:04:42 GMT\r\nConnection: keep-alive\r\nETag: \"632330fa-94a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2378,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"4ece1729224026789b8d1b5c6e39719a","sha1":"6f31f30eb8d2f3112d2d021e689b8e694b225f66","sha256":"b4e0d39b745b7febe68ddc146f2b737a404f20d9f9b01fff119e42451676485c","sha512":"a60ee4efbc879798602878d9ed27f8aff7361d678e30f82e3c552ca41ae3413272e91703deb2255e9bad43e879ffecefe4e822f4f2b026c2e222ae19e22a58f4","ssdeep":"","tlshash":"9d41bb86284252b08afb62c29b2b604cfd71963f2840c5663bbd47c11f74976e187fce","first_seen":"2025-09-06T14:50:54.632423Z","last_seen":"2026-03-23T03:48:11.392527Z","times_seen":3,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/ico-5-8.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.357Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ico-5-8.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"test.xinxiyidiantong.com:2096/images/style1.css","fqdn":"test.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":2096,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:24.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"test.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 02:32:06 GMT","end":"Tue, 16 Jun 2026 02:32:05 GMT"},"fingerprint":{"sha1":"F2:3E:4A:2C:AE:0F:1A:DC:04:1B:0A:91:04:E5:C8:80:09:CC:AD:F9","sha256":"C8:04:B0:6D:F6:48:F8:59:49:78:07:B9:83:C7:73:52:35:C4:D4:82:9E:3E:61:44:90:D3:1F:8A:03:C5:BD:87"}}},"request":{"raw":"GET /images/style1.css HTTP/1.1\r\nHost: test.xinxiyidiantong.com:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:25 GMT\r\nContent-Type: text/css\r\nLast-Modified: Mon, 24 Apr 2023 11:24:01 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"644666d1-2acf\"\r\nExpires: Mon, 23 Mar 2026 04:47:25 GMT\r\nCache-Control: max-age=3600\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10959,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (465), with CRLF line terminators","md5":"9dcee9f3e3a9adc3a8fd044d18aff03a","sha1":"222a22156013ec694b2088c0a92e22e95cadfeb0","sha256":"53143bf9cab52824338170fc6c349fddcec4f52dd1cb999c83f7865365445d8a","sha512":"782456493e261dc963ab94961e51482abd496641b98dc345b87bd8f6d220abddc3b747fd3bad55aefc2d89435f82eccb5bb08438ad29379d05b1094c0c2445e9","ssdeep":"192:YttDBv+hilwO09z0GgvfmLkyGtKwk6NxCiGgxE3M3EEVuo0Kkzxl8AjnHI0rGLd4:YttDBoilwO09z0GgvfmLkyGtKwk6NxCp","tlshash":"48327b2b9340288f745bc77868d77599f639c064fe3dd95ea31a33a6422298e1037fc5","first_seen":"2023-05-06T09:29:06Z","last_seen":"2026-04-04T22:45:47.057064Z","times_seen":1714,"resource_available":false,"data":null}},"time_used":3523,"timings":{"blocked":1605,"dns":66,"connect":298,"send":0,"wait":298,"receive":0,"ssl":1252},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"test.xinxiyidiantong.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zfwzgl.www.gov.cn/exposure/images/jiucuo.png?v=4104000025","fqdn":"zfwzgl.www.gov.cn","domain":"www.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.www.gov.cn","organization":"国务院办公厅秘书局"},"issuer":{"commonName":"CFCA OV OCA","organization":"China Financial Certification Authority"},"validity":{"start":"Thu, 24 Apr 2025 05:50:12 GMT","end":"Fri, 24 Apr 2026 05:50:11 GMT"},"fingerprint":{"sha1":"60:85:24:CD:FE:93:A2:C8:D3:17:E8:D9:62:87:26:CC:2C:B9:44:B8","sha256":"53:40:44:FE:B2:22:78:00:3A:4A:65:C0:F4:07:EA:C1:66:9A:6A:06:48:AB:9B:34:A8:CA:F6:F5:91:6B:04:56"}}},"request":{"raw":"GET /exposure/images/jiucuo.png?v=4104000025 HTTP/1.1\r\nHost: zfwzgl.www.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"qgwjg.com/","fqdn":"qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-23T03:47:19.826Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:20 GMT\r\nContent-Type: text/html\r\nContent-Length: 178\r\nConnection: keep-alive\r\nLocation: http://www.qgwjg.com/\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":146,"dns":1,"connect":145,"send":0,"wait":145,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/css/media.css","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.247Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/media.css HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:21 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":2903,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"a57aab05ac35643fe2108656f2d33e29","sha1":"01bef9645e928e9c7cb8d138c1ebd22b33033b95","sha256":"6a48f49c763d02c3526f4da970a623371d854f96acf120222d0fc897ba8656e2","sha512":"d8a38d3740d2b93ebfa5371a0ddcc820aab54047e5823761f16efac5d17d38fd5ded689b14ca9d6d9087b37acaf31600bccdbde9fbd3e339ef3d32635ac03220","ssdeep":"","tlshash":"17517b375611308cac22d5f3ab68a72a6135e023e706d4acf591ba198fcb24918f26dd","first_seen":"2026-03-23T03:48:11.395996Z","last_seen":"2026-03-23T03:48:11.395996Z","times_seen":1,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":129,"dns":0,"connect":147,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/ico-5-7.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.262Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ico-5-7.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/ico-5-7.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1919,"timings":{"blocked":1720,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/timg.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.264Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/timg.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/timg.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2095,"timings":{"blocked":1917,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hnzwfw.gov.cn/gbkh/lib/tyrk/unified_entrance.js","fqdn":"www.hnzwfw.gov.cn","domain":"hnzwfw.gov.cn","tld":"gov.cn"},"ip":{"addr":"222.143.21.19","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hnzwfw.gov.cn","organization":"河南省行政审批和政务信息管理局"},"issuer":{"commonName":"WoTrus OV Server CA  [Run by the Issuer]","organization":"WoTrus CA Limited"},"validity":{"start":"Fri, 14 Nov 2025 00:00:00 GMT","end":"Mon, 16 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B6:50:95:D0:2C:2E:3A:8A:64:9F:D3:7F:71:02:2A:4D:EA:56:A7:B4","sha256":"45:12:70:54:C5:54:3B:63:CD:A3:00:56:81:96:E5:87:73:0A:D2:A0:8B:EC:07:B7:75:DD:42:7A:03:5F:A8:BE"}}},"request":{"raw":"GET /gbkh/lib/tyrk/unified_entrance.js HTTP/1.1\r\nHost: www.hnzwfw.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: openresty\r\nDate: Mon, 23 Mar 2026 03:47:22 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://www.hnzwfw.gov.cn/service/lib/tyrk/unified_entrance.js\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2378,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1613,"timings":{"blocked":-1,"dns":434,"connect":272,"send":0,"wait":272,"receive":0,"ssl":636},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/ico-5-7.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /images/ico-5-7.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":727,"timings":{"blocked":-1,"dns":679,"connect":16,"send":0,"wait":0,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/ewm2.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.251Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ewm2.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/ewm2.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1925,"timings":{"blocked":1732,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.pds.gov.cn/upload/images/2024/8/19/7ce74f7d98f2ca8a847d3302737cf130.png","fqdn":"www.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /upload/images/2024/8/19/7ce74f7d98f2ca8a847d3302737cf130.png HTTP/1.1\r\nHost: www.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 23 Mar 2026 03:47:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 133225\r\nlast-modified: Mon, 19 Aug 2024 06:06:57 GMT\r\netag: \"66c2e101-20869\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000\r\nx-xss-protection: 1\r\ncontent-security-policy: *\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\ncross-origin-embedder-policy: unsafe-none\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73234,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 703 x 267, 8-bit/color RGBA, non-interlaced","md5":"7e1849566410fb53c20206b75558fb56","sha1":"452d36c997e801930247b9e38bf6d6af5438881a","sha256":"0c2c0887b699119f531eeba5e8da0cc095e7d6982782e00068a5bcd423b6193e","sha512":"99ac2afdc1a735f189b55ab2eddf5cdb6d0838d597e41cfa28708102fe2e4b1323311e08e8a4032fa942c98be99c72f61f0a3d231d02197e981eb83faeb6789c","ssdeep":"768:FElE1U/LrlT6Xl+FYAiBdjj0CVaRogucVeGQenKwgK+wGUYo1nPeAvDk3BobIhRT:FkyUv56hHj8oLco051PhkuMvGDbPv8","tlshash":"ac63e1b5fcb2fd2c146a26371ea5a941dca74b83d0c1ec0535cf2e152f54a8e9cdb922","first_seen":"2026-03-23T03:48:11.396907Z","last_seen":"2026-03-23T03:48:11.396907Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2860,"timings":{"blocked":1566,"dns":0,"connect":0,"send":0,"wait":519,"receive":775,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/upload/images/2023/1/d16e73b21ade0a937b85384accd71de4.jpg","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.258Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/images/2023/1/d16e73b21ade0a937b85384accd71de4.jpg HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/upload/images/2023/1/d16e73b21ade0a937b85384accd71de4.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2094,"timings":{"blocked":1918,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/20180111112816.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"163.171.134.56","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:24.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /images/20180111112816.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 23 Mar 2026 03:47:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 36342\r\nConnection: keep-alive\r\nServer: nginx\r\nLast-Modified: Fri, 26 Jul 2024 01:18:26 GMT\r\nETag: \"66a2f962-8df6\"\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nX-Permitted-Cross-Domain-Policies: master-only\r\nX-Download-Options: noopen\r\nCross-Origin-Embedder-Policy: unsafe-none\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nPermissions-Policy: fullscreen=(self) geolocation=(self)\r\nX-Frame-Options: DENY\r\nReferrer-Policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\nContent-Security-Policy: frame-ancestors 'none'\r\nAccess-Control-Allow-Origin: https://user.pds.gov.cn\r\nx-via: 1.1 PSjshasx3dj100:5 (Cdn Cache Server V2.0), 1.1 VM-ARN-01Kmy5:6 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 69c0b7ce_VM-ARN-01Kmy5_21878-42045\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 100, 8-bit/color RGBA, non-interlaced","md5":"2d25bdc4802b498918b3ab1ee775ba28","sha1":"5be39cad1cf9698dd65dd6a87e3f505033abba0f","sha256":"c9fcf902be2abab47b9f9caf8225451a4278f3c15dbfed73128c7c33a1356ea5","sha512":"94bbcc41c0fc2de9f4ca88ec08daf97dc134f4ee42268bfcbf11e8cc1b2bacae3ee77f998ac9be5dff8b6798f593018a40e1a46ebd621de5255cfae91af7ca38","ssdeep":"384:w0wTEg53BNcvV9GU0t4OTtG5hmpv+DgEoB0KmX38gbvaFFZ+ai46:wtEbvz03ILm9ygEoH7OArij","tlshash":"8ef28e28fdf0f2694d07123226a42f428d634f83a2c16e05f9dd441e5f12f9d9d8be96","first_seen":"2026-03-23T03:48:11.397834Z","last_seen":"2026-03-23T03:48:11.397834Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3156,"timings":{"blocked":1882,"dns":0,"connect":0,"send":0,"wait":993,"receive":281,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/upload/images/2023/8/9e63688432ae801fec96de96d2e7a3af.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.259Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/images/2023/8/9e63688432ae801fec96de96d2e7a3af.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/upload/images/2023/8/9e63688432ae801fec96de96d2e7a3af.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2088,"timings":{"blocked":1908,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/bj.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"163.171.134.56","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:24.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /images/bj.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 23 Mar 2026 03:47:25 GMT\r\nContent-Type: image/png\r\nContent-Length: 5966\r\nConnection: keep-alive\r\nServer: nginx\r\nLast-Modified: Fri, 12 Oct 2018 00:55:10 GMT\r\nETag: \"5bbff0ee-174e\"\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nX-Permitted-Cross-Domain-Policies: master-only\r\nX-Download-Options: noopen\r\nCross-Origin-Embedder-Policy: unsafe-none\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nPermissions-Policy: fullscreen=(self) geolocation=(self)\r\nX-Frame-Options: DENY\r\nReferrer-Policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\nContent-Security-Policy: frame-ancestors 'none'\r\nAccess-Control-Allow-Origin: https://user.pds.gov.cn\r\nx-via: 1.1 PSjsczsx2ci98:6 (Cdn Cache Server V2.0), 1.1 VM-ARN-01Kmy5:6 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 69c0b7cc_VM-ARN-01Kmy5_21878-42012\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5966,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1300 x 673, 8-bit/color RGBA, non-interlaced","md5":"ca59fed4287f3e1353097a4d0624185e","sha1":"f11ae65ca8c061d1b77feccbb07d8de9fb053032","sha256":"49f53f769be970c96a341d7f702e748b9839d3327f80c274c0c05624ae8311fe","sha512":"41b14bea6a08c30db3695ecc4a998f65c16e430f7563b82e3fe2b9b5b2edb3cba503df38333c6bc2c1de214bae70b33d432a0cb19aaf7d1c753a5dc210bc9d8f","ssdeep":"48:7qQvnL64oaIJ3OAwM00000000000000000000000000000000000000000000005:mQTv2h","tlshash":"58c1247ee184ce2ad4195bb34e439fda20a04a3a61a76937f7fd4c187ccf7042981962","first_seen":"2026-03-23T03:48:11.398757Z","last_seen":"2026-03-23T03:48:11.398757Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1680,"timings":{"blocked":47,"dns":1,"connect":23,"send":0,"wait":1560,"receive":1,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/js/index.js","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.269Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/index.js HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:21 GMT\r\nContent-Type: application/javascript;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"24f89c73a7d12dab2282fb164bd42c2e","sha1":"7307b91f85cc387ba65391638338a986c2f534d4","sha256":"4c4a990e54c571b654a26b6bef17105d73b5188d8d2817039213e4b171c63b19","sha512":"1a07f48d740c4d98c42523ff3027d6260b90b5fc813946eab2651313f2ff12bad248f76874c02618056c0356c2f9dfeeead3c8a376e821d28f8e710a22a2c419","ssdeep":"","tlshash":"0151b05a62f312359077346e0f9f50183164d0a387469d00be6cea915fe0d39dab5bda","first_seen":"2026-03-23T03:48:11.399982Z","last_seen":"2026-03-23T03:48:11.399982Z","times_seen":1,"resource_available":true,"data":null}},"time_used":473,"timings":{"blocked":107,"dns":1,"connect":147,"send":0,"wait":216,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"user.pds.gov.cn/api/User/T?parms=opt/addTracker/","fqdn":"user.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.933Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"POST /api/User/T?parms=opt/addTracker/ HTTP/1.1\r\nHost: user.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 45\r\nOrigin: http://www.qgwjg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/d.gif","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"163.171.134.56","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:24.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /images/d.gif HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 23 Mar 2026 03:47:26 GMT\r\nContent-Type: image/gif\r\nContent-Length: 85\r\nConnection: keep-alive\r\nServer: nginx\r\nLast-Modified: Fri, 16 Mar 2018 07:44:52 GMT\r\nETag: \"5aab75f4-55\"\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nX-Permitted-Cross-Domain-Policies: master-only\r\nX-Download-Options: noopen\r\nCross-Origin-Embedder-Policy: unsafe-none\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nPermissions-Policy: fullscreen=(self) geolocation=(self)\r\nX-Frame-Options: DENY\r\nReferrer-Policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\nContent-Security-Policy: frame-ancestors 'none'\r\nAccess-Control-Allow-Origin: https://user.pds.gov.cn\r\nx-via: 1.1 PSjshasx3vh102:12 (Cdn Cache Server V2.0), 1.1 VM-ARN-01Kmy5:1 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 69c0b7ce_VM-ARN-01Kmy5_20789-42981\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 11 x 13","md5":"f4ac42ecec279554e6f2feda827c3498","sha1":"863776ee99a72fd5aaf707e8132bf502948ef6d4","sha256":"ebf0c0f8e24ad925eff667e0cf438ec6844d73af07bb02d88f8f6378dc0838ef","sha512":"53a7d412b289418e9f789e53689344369de27f3e3e923976ffb810357e3180765d9af9cd8e79399e458d07ff825d956df2f28bde9e4c7c63ca2ad32fc5fdb163","ssdeep":"","tlshash":"77a00213f849f104c45d563d0819c15190025554d6595155f165721556bb159017965d","first_seen":"2026-03-23T03:48:11.400935Z","last_seen":"2026-03-23T03:48:11.400935Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4630,"timings":{"blocked":1881,"dns":1,"connect":10,"send":0,"wait":865,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"test.xinxiyidiantong.com:2096/images/favicon.ico","fqdn":"test.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":2096,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:24.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"test.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 02:32:06 GMT","end":"Tue, 16 Jun 2026 02:32:05 GMT"},"fingerprint":{"sha1":"F2:3E:4A:2C:AE:0F:1A:DC:04:1B:0A:91:04:E5:C8:80:09:CC:AD:F9","sha256":"C8:04:B0:6D:F6:48:F8:59:49:78:07:B9:83:C7:73:52:35:C4:D4:82:9E:3E:61:44:90:D3:1F:8A:03:C5:BD:87"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: test.xinxiyidiantong.com:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:26 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 3066\r\nLast-Modified: Fri, 22 Oct 2021 08:11:14 GMT\r\nConnection: keep-alive\r\nETag: \"61727222-bfa\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3066,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"00b726752e8713453d31b694d4f74b89","sha1":"122742a4ce71b668801ddcc8db72f07730db290c","sha256":"45d8a46c7758c43f32db8794520cbf03604db83734c969ca80d3b356f8360b37","sha512":"75660a291825839b5fd42b269bd501a9c81a5426adaab17d7b368687194da769a1373b3b5c20476085909c6f0fa5391e9b3c30714bc4be5b6e405ac018814367","ssdeep":"","tlshash":"e9515d9712b1080bc4797cb20f41bc5e95251237402dfaa57cf332d5ba80e9d629bed1","first_seen":"2023-05-06T09:29:06Z","last_seen":"2026-04-04T22:45:47.066966Z","times_seen":1723,"resource_available":false,"data":null}},"time_used":1479,"timings":{"blocked":1165,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"test.xinxiyidiantong.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.pds.gov.cn/css/pdscommon.css","fqdn":"www.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /css/pdscommon.css HTTP/1.1\r\nHost: www.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 23 Mar 2026 03:47:23 GMT\r\ncontent-type: text/css\r\ncontent-length: 3\r\nlast-modified: Sat, 04 Apr 2020 16:02:57 GMT\r\netag: \"5e88afb1-3\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000\r\nx-xss-protection: 1\r\ncontent-security-policy: *\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\ncross-origin-embedder-policy: unsafe-none\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":4370,"timings":{"blocked":1736,"dns":452,"connect":263,"send":0,"wait":878,"receive":1,"ssl":1037},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dajiafa888.com:22118/fcl.php?keyword=%E6%B0%B8%E4%B9%90%E9%AB%98%C2%B760net(%E4%B8%AD%E5%9B%BD%C2%B7%E9%9B%86%E5%9B%A2)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-Best%20Of%20Best\u0026from=pc\u0026originUrl=http%3A%2F%2Fwww.qgwjg.com%2F\u0026referer=\u0026userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026v=3445","fqdn":"dajiafa888.com","domain":"dajiafa888.com","tld":"com"},"ip":{"addr":"143.92.57.36","port":22118,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:22.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"dajiafa888.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Feb 2026 22:05:09 GMT","end":"Sat, 02 May 2026 22:05:08 GMT"},"fingerprint":{"sha1":"7B:8B:AC:A5:E8:01:40:2A:8D:EA:45:2C:53:BD:DB:CE:93:C9:4F:9F","sha256":"83:87:E2:E4:92:96:7C:2E:26:64:0F:D4:CB:68:D6:82:EE:75:67:F4:60:9C:52:03:C5:FA:A5:97:FB:BA:67:53"}}},"request":{"raw":"GET /fcl.php?keyword=%E6%B0%B8%E4%B9%90%E9%AB%98%C2%B760net(%E4%B8%AD%E5%9B%BD%C2%B7%E9%9B%86%E5%9B%A2)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-Best%20Of%20Best\u0026from=pc\u0026originUrl=http%3A%2F%2Fwww.qgwjg.com%2F\u0026referer=\u0026userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026v=3445 HTTP/1.1\r\nHost: dajiafa888.com:22118\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://www.qgwjg.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nAccess-Control-Allow-Origin: *\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":3026,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"50caefd6b855ff63089d201a64a83f31","sha1":"87da42521798a7bd3ff949adc0bf0e2cdfdcf8ef","sha256":"51a4edef7bb381efe90323e244cb456b07f793953648b2af8a6f8eeba1bba496","sha512":"f76155c9f5a8bf8668aead12abba9b18fa56db9d30593a79b62aeae6a7b0be6e92de60c305edf9404369b6a51e38bd345b7a7b3b078aef137b320c1c3a044841","ssdeep":"","tlshash":"5251a0a796c918720673c2e6bab07768fce3800fce15a9d2f4ad125b0b70e51b453a4d","first_seen":"2026-03-23T03:48:11.402298Z","last_seen":"2026-03-23T03:48:11.402298Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2216,"timings":{"blocked":951,"dns":80,"connect":288,"send":0,"wait":311,"receive":0,"ssl":583},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/d.gif","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.951Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/d.gif HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/css/index.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:24 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/d.gif\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":85,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/20180111112816.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.950Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/20180111112816.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:24 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/20180111112816.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36342,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/css/index.css","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.242Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/index.css HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:21 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":8092,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"b582cf62e2c37182513c37d089a48073","sha1":"0a090a35586370106c37094cead3d796842f2009","sha256":"05e5d8f2bc013d51c5bb9749a961fa4d1a5950551a9d02a047927c2cc51c46ce","sha512":"4df3d9760d0db6153d4fd6e18162860f2de81ee7b678798bbd33ced46b1283cdda231f5437fff6eeb1c8ba48faa4fb14952b75f6c2a95eb4e2b768c045a4c400","ssdeep":"96:aZz2NTCi4yHpy95wBWRkDwhR/5U5RAd3W2sCMSPSFyyEkHeC16axkI:22NTCi4ycyWRkD5PAVUiS0EeCr","tlshash":"60f18c729af30544b52299f16f1caa46170d9163920ef0bd7fe0b58c8fcd1a694e3b8d","first_seen":"2026-03-23T03:48:11.403215Z","last_seen":"2026-03-23T03:48:11.403215Z","times_seen":1,"resource_available":false,"data":null}},"time_used":525,"timings":{"blocked":129,"dns":1,"connect":146,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auth.mangren.com/boots/mzj.pds.gov.cn/esdToolsInit.js","fqdn":"auth.mangren.com","domain":"mangren.com","tld":"com"},"ip":{"addr":"60.247.145.81","port":443,"asn":38283,"as":"CHINANET SiChuan Telecom Internet Data Center","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yunmd.net","organization":""},"issuer":{"commonName":"sslTrus (RSA) DV CA","organization":"sslTrus"},"validity":{"start":"Thu, 26 Jun 2025 00:00:00 GMT","end":"Mon, 27 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5C:43:98:8B:85:DA:60:A2:48:9E:81:7B:54:15:04:F5:10:D3:F2:70","sha256":"9B:0E:7B:EB:15:C0:C8:45:A3:83:B8:C9:E0:48:15:34:B2:23:01:03:6E:E5:DE:27:E6:7E:16:89:C0:62:8A:FE"}}},"request":{"raw":"GET /boots/mzj.pds.gov.cn/esdToolsInit.js HTTP/1.1\r\nHost: auth.mangren.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Mar 2026 03:47:22 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"4db64ba5d34c0142023d405bcce73910","sha1":"6a8631848758d9eba1c86cebd2a584f528e68703","sha256":"bec1b9ef8c5631992792e3533ec3f1c67d5a67196632ae7034d7ce84e1653a9e","sha512":"2e64d64a66aaa4e07ced3aa7b5d61c4a224d6115d9c43c41567464b5e4204c7d8c7e879561028c1c71e7686120327732cab10f5d4f23a9515d3666114827a250","ssdeep":"","tlshash":"9450000300000000000000033c000f03c00000c3000000300c000000c03300c03c0000","first_seen":"2026-03-14T12:27:08.144287Z","last_seen":"2026-03-23T03:48:11.403964Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1823,"timings":{"blocked":-1,"dns":363,"connect":280,"send":0,"wait":288,"receive":0,"ssl":892},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fcl.xueyuxingfeng.com:6987/master/fun/sj.js","fqdn":"fcl.xueyuxingfeng.com","domain":"xueyuxingfeng.com","tld":"com"},"ip":{"addr":"27.124.44.6","port":6987,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"fcl.xueyuxingfeng.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 02:39:06 GMT","end":"Mon, 15 Jun 2026 02:39:05 GMT"},"fingerprint":{"sha1":"9C:02:BC:FD:E6:FD:6F:73:A8:FF:02:17:D8:7B:9B:7F:1C:15:3C:76","sha256":"C8:B1:53:77:6B:D6:88:15:FD:58:31:16:AE:D3:12:44:08:D5:BD:EF:E6:F5:9E:D4:9A:66:25:E8:50:22:88:B1"}}},"request":{"raw":"GET /master/fun/sj.js HTTP/1.1\r\nHost: fcl.xueyuxingfeng.com:6987\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:22 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 08 Oct 2024 16:20:01 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"67055bb1-d23\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3363,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"12de2458417cf5ada96ad1a853cfba81","sha1":"b8782615c9815c72070a4e785b95acd056cf397c","sha256":"2694bee860690e5659d75440ecb916c6cb8ee8310b4c0bda653b10ea2a0a0f85","sha512":"08b2e31e58dac46f0300639446090be0608bc290192bb66e6bf32f9c1c0d5b9782df890b8c9a9b4f10a4c87b80d0b2c44e785444eb8d0d86c5f20cf8b9b54fbb","ssdeep":"","tlshash":"be611f54ef8d20338e133155ae6f958c24be68577958eca7f84c64d44fa0d38852beac","first_seen":"2024-10-11T08:18:50.521405Z","last_seen":"2026-04-05T01:02:30.533414Z","times_seen":318,"resource_available":true,"data":null}},"time_used":1276,"timings":{"blocked":0,"dns":57,"connect":302,"send":0,"wait":302,"receive":0,"ssl":615},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"fcl.xueyuxingfeng.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/ico-5-4.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /images/ico-5-4.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":731,"timings":{"blocked":-1,"dns":680,"connect":16,"send":0,"wait":0,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/upload/images/2023/8/9e63688432ae801fec96de96d2e7a3af.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.351Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/images/2023/8/9e63688432ae801fec96de96d2e7a3af.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/wx.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"163.171.134.56","port":443,"asn":54994,"as":"ML-1432-54994","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:24.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /images/wx.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 23 Mar 2026 03:47:27 GMT\r\nContent-Type: image/png\r\nContent-Length: 344\r\nConnection: keep-alive\r\nServer: nginx\r\nLast-Modified: Fri, 16 Mar 2018 07:44:52 GMT\r\nETag: \"5aab75f4-158\"\r\nAccept-Ranges: bytes\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nX-Permitted-Cross-Domain-Policies: master-only\r\nX-Download-Options: noopen\r\nCross-Origin-Embedder-Policy: unsafe-none\r\nCross-Origin-Opener-Policy: same-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nPermissions-Policy: fullscreen=(self) geolocation=(self)\r\nX-Frame-Options: DENY\r\nReferrer-Policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin\r\nContent-Security-Policy: frame-ancestors 'none'\r\nAccess-Control-Allow-Origin: https://user.pds.gov.cn\r\nx-via: 1.1 PSjshasx3kz101:3 (Cdn Cache Server V2.0), 1.1 VM-ARN-01Kmy5:4 (Cdn Cache Server V2.0)\r\nx-ws-request-id: 69c0b7ce_VM-ARN-01Kmy5_21430-62300\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":344,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 16, 8-bit/color RGBA, non-interlaced","md5":"e357546a473e6e182773af965f57b94a","sha1":"411471b7b32371f5da59dba8cf1a6ebd6d5c071d","sha256":"0b82a00f5f673dfa11ebbd21df6402cd282fac3e7a82370ec63b84ff8b930bf0","sha512":"37580997867790bd531cef18d6dab1f2f613df5f8147a0308ca94c6ccf8146b5a5bb4988871353cd8ff62bf64809d0b5eb1e0c9868d78d44c1b3af4abc2cf21b","ssdeep":"","tlshash":"dee0c0de81e3d86bc3ec7012a32d2427e90a11180336961452a1e0655c996127348d07","first_seen":"2026-03-23T03:48:11.405334Z","last_seen":"2026-03-23T03:48:11.405334Z","times_seen":1,"resource_available":false,"data":null}},"time_used":4750,"timings":{"blocked":1884,"dns":1,"connect":8,"send":0,"wait":980,"receive":1,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"user.pds.gov.cn/userCenter/js/user.js","fqdn":"user.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /userCenter/js/user.js HTTP/1.1\r\nHost: user.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2685,"timings":{"blocked":-1,"dns":1876,"connect":269,"send":0,"wait":0,"receive":0,"ssl":539},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/upload/images/2025/9/fc001a4b16e7817a8a23b704a4895529.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.253Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/images/2025/9/fc001a4b16e7817a8a23b704a4895529.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/upload/images/2025/9/fc001a4b16e7817a8a23b704a4895529.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1925,"timings":{"blocked":1730,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pds.gov.cn/upload/images/2024/3/21/c4f3d8197f5edb370aed1e56b1a7a801.png","fqdn":"pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /upload/images/2024/3/21/c4f3d8197f5edb370aed1e56b1a7a801.png HTTP/1.1\r\nHost: pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2862,"timings":{"blocked":1728,"dns":0,"connect":238,"send":0,"wait":877,"receive":257,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pds.gov.cn/upload/images/2025/6/5/4ec30aee89a2b5e87b49530dc585e57f.jpg","fqdn":"pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /upload/images/2025/6/5/4ec30aee89a2b5e87b49530dc585e57f.jpg HTTP/1.1\r\nHost: pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2863,"timings":{"blocked":1727,"dns":0,"connect":226,"send":0,"wait":877,"receive":259,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/ico-5-8.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.263Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ico-5-8.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/ico-5-8.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2086,"timings":{"blocked":1915,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/css/banner.css","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.244Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/banner.css HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:21 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1531,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d9505e37a74dd9664d9dd111a12afc80","sha1":"83eadaf8ef2be03ea269128f7cb8a59356e761aa","sha256":"122752f692be855a130e7116437f70ff288a125650819561a734dd76b05c4e52","sha512":"4456db38ae7a95b71e02fa8714bc3ad34878c8977c69d18785ff0044d5acddc7aefa566d0abfd3edf7fe49309b33a265ea455c30682ea23752bdf5fe41d5ea37","ssdeep":"","tlshash":"e931a1550e6b14a8b40ad2b84fe91b6e031c600be62bc41cfb9071c58f8d175e153bd8","first_seen":"2026-03-23T03:48:11.406203Z","last_seen":"2026-03-23T03:48:11.406203Z","times_seen":1,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":130,"dns":1,"connect":147,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/upload/images/2023/8/fda89592cbb3ddee871187578e5d85f7.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.259Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /upload/images/2023/8/fda89592cbb3ddee871187578e5d85f7.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/upload/images/2023/8/fda89592cbb3ddee871187578e5d85f7.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1922,"timings":{"blocked":1724,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"test.xinxiyidiantong.com:2096/images/logo.png","fqdn":"test.xinxiyidiantong.com","domain":"xinxiyidiantong.com","tld":"com"},"ip":{"addr":"27.124.44.50","port":2096,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:24.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"test.xinxiyidiantong.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 18 Mar 2026 02:32:06 GMT","end":"Tue, 16 Jun 2026 02:32:05 GMT"},"fingerprint":{"sha1":"F2:3E:4A:2C:AE:0F:1A:DC:04:1B:0A:91:04:E5:C8:80:09:CC:AD:F9","sha256":"C8:04:B0:6D:F6:48:F8:59:49:78:07:B9:83:C7:73:52:35:C4:D4:82:9E:3E:61:44:90:D3:1F:8A:03:C5:BD:87"}}},"request":{"raw":"GET /images/logo.png HTTP/1.1\r\nHost: test.xinxiyidiantong.com:2096\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:26 GMT\r\nContent-Type: image/png\r\nContent-Length: 27927\r\nLast-Modified: Fri, 22 Oct 2021 07:29:32 GMT\r\nConnection: keep-alive\r\nETag: \"6172685c-6d17\"\r\nExpires: Wed, 22 Apr 2026 03:47:26 GMT\r\nCache-Control: max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27927,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 255 x 85, 8-bit/color RGBA, non-interlaced","md5":"1555066b01ba12346071989c467ccf25","sha1":"50c92c270ddc54e309f1499dde7e04fddcdee8c4","sha256":"a8102cc2e6a32d0e128a3757c711489f1d7426123617283cf8d3cb1fd838f101","sha512":"859208a96a6ea1d6030470c159a9dda03a06203d106e19bd71885909d8b329ea6bba0b9068629fbf8d5a1ef693d36239dbde79788f082177e745b9584af1f319","ssdeep":"768:OVmJDb1mQ/HASD6KkXkbJzKyV3Tp1I+JZ:fJD5r4S2KjzKylI+JZ","tlshash":"d5c2e189f1e16d8c20d1e40d5f916979b7d7e0c19554f6f2a0c8f8266e3a249ed08cd7","first_seen":"2023-05-06T09:29:06Z","last_seen":"2026-04-04T22:45:47.064391Z","times_seen":1726,"resource_available":false,"data":null}},"time_used":4413,"timings":{"blocked":1899,"dns":62,"connect":298,"send":0,"wait":597,"receive":2,"ssl":595},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"test.xinxiyidiantong.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.qgwjg.com/","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-23T03:47:20.125Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":506,"timings":{"blocked":506,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.pds.gov.cn//upload/images/2024/3/11/f62fad081fe56be4833a6d6a149c3086.jpg","fqdn":"www.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET //upload/images/2024/3/11/f62fad081fe56be4833a6d6a149c3086.jpg HTTP/1.1\r\nHost: www.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 23 Mar 2026 03:47:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 122269\r\nlast-modified: Mon, 11 Mar 2024 07:11:01 GMT\r\netag: \"65eeae85-1dd9d\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000\r\nx-xss-protection: 1\r\ncontent-security-policy: *\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\ncross-origin-embedder-policy: unsafe-none\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":122269,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=178, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=533], baseline, precision 8, 533x178, components 3","md5":"2a7033426da8beb2d63d89856b543992","sha1":"e76fa5e8e0c05c7a455221328a053c2129c790b5","sha256":"193440bdf813bd9c0fb28c57a6994d831d8e7daf2f78ce838973f58e6fbf0835","sha512":"1b08e21ddd77d1b2ec38ea76680084660d16d4ea445dc432c38d5c609bd9d1e044cf0678e24b6c7352bdd92da877b0e0127a76938f9c97556c4a02310a5e2c2a","ssdeep":"3072:WLwNzUg0KQ1jikeHC7B88QQA6Wt6+r4W3N2O:WLwyxjikeSB0QpWwW3N2O","tlshash":"fec312267a67df12e9cc07b68070c75265376e701acb67c8bcad588aff358944c2c61e","first_seen":"2026-01-23T16:16:18.289498Z","last_seen":"2026-03-23T03:48:11.407455Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2600,"timings":{"blocked":1556,"dns":0,"connect":0,"send":0,"wait":260,"receive":784,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/ewm2.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /images/ewm2.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1462,"timings":{"blocked":727,"dns":687,"connect":7,"send":0,"wait":0,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/wx.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.948Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/wx.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/css/style.css\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:24 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/wx.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":344,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/css/style.css","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.241Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:21 GMT\r\nContent-Type: text/css;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/5.4.41\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4771,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"4575a9456d64902f0102731913c8e0e4","sha1":"2585e271ef651958a8331064f5cf7408cf68af13","sha256":"8f308d3e7ef366e89d75a981d561a4acf30904d080a6a45f8235e7e2932c676e","sha512":"37d66141bbf10e3e9765a9b123da360ab83f0cc9a44dac968c1c0737ce99de2f35cf1c53bf129f7dc9157265d0d8119ab71974910adf367c367020bd98b1b02b","ssdeep":"96:Tg9MNPJKokfQtanFWJ1zRgF2StwmajTplF5zhpZKDYrpCRw5i4q:Tg9qKokfQtaFWJ1zRgFXwZjllF5zDZKp","tlshash":"3aa1f19396b32a4ab815c5f5af694754232d5007120ee07c7fe8b2dc8fce1d585a3b8c","first_seen":"2026-03-23T03:48:11.408271Z","last_seen":"2026-03-23T03:48:11.408271Z","times_seen":1,"resource_available":false,"data":null}},"time_used":453,"timings":{"blocked":130,"dns":0,"connect":145,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/ico-5-6.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.262Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ico-5-6.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/ico-5-6.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2100,"timings":{"blocked":1920,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/ico-5-5.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.261Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ico-5-5.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/ico-5-5.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2096,"timings":{"blocked":1921,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pds.gov.cn/images/gaba.png","fqdn":"pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /images/gaba.png HTTP/1.1\r\nHost: pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":2852,"timings":{"blocked":1718,"dns":0,"connect":239,"send":0,"wait":877,"receive":257,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/jquery.min.js","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.238Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /jquery.min.js HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:21 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 731\r\nLast-Modified: Wed, 12 Nov 2025 05:27:46 GMT\r\nConnection: keep-alive\r\nETag: \"69141ad2-2db\"\r\nExpires: Mon, 23 Mar 2026 04:47:21 GMT\r\nCache-Control: max-age=3600\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":731,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (730)","md5":"4b5423e72ea20a41a09de130fd10ab6e","sha1":"c52a85615bcc85d5754ccb34698d09d4739107e3","sha256":"88746c42735c7c282add4d40ac4e2117973b081ab6ae08656221885c2155cbea","sha512":"4c43f0ff7f192a84f50b66cb0a075c778e4dd767d357d873ac9ee3d702465c673d9220e74a8286710e758935bec2804b739e258d587592ad89c9acb35e43b9f2","ssdeep":"","tlshash":"2c014bdc87c8d85b6ecc5e43ea24deca61b2823b97d831838329fa8c01a9152c89c459","first_seen":"2023-03-12T23:00:27Z","last_seen":"2026-04-05T01:02:30.5379Z","times_seen":145,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":160,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"www.qgwjg.com/images/ico-5-4.png","fqdn":"www.qgwjg.com","domain":"qgwjg.com","tld":"com"},"ip":{"addr":"50.2.98.176","port":80,"asn":62904,"as":"AS62904","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.260Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ico-5-4.png HTTP/1.1\r\nHost: www.qgwjg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nServer: nginx\r\nDate: Mon, 23 Mar 2026 03:47:23 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.4.41\r\nLocation: https://mzj.pds.gov.cn/images/ico-5-4.png\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:5.4.41","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1921,"timings":{"blocked":1723,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-23","alert":"Sinkholed","trigger":"www.qgwjg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zfwzgl.www.gov.cn/exposure/jiucuo.js","fqdn":"zfwzgl.www.gov.cn","domain":"www.gov.cn","tld":"gov.cn"},"ip":{"addr":"36.112.20.164","port":443,"asn":4847,"as":"China Networks Inter-Exchange","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.www.gov.cn","organization":"国务院办公厅秘书局"},"issuer":{"commonName":"CFCA OV OCA","organization":"China Financial Certification Authority"},"validity":{"start":"Thu, 24 Apr 2025 05:50:12 GMT","end":"Fri, 24 Apr 2026 05:50:11 GMT"},"fingerprint":{"sha1":"60:85:24:CD:FE:93:A2:C8:D3:17:E8:D9:62:87:26:CC:2C:B9:44:B8","sha256":"53:40:44:FE:B2:22:78:00:3A:4A:65:C0:F4:07:EA:C1:66:9A:6A:06:48:AB:9B:34:A8:CA:F6:F5:91:6B:04:56"}}},"request":{"raw":"GET /exposure/jiucuo.js HTTP/1.1\r\nHost: zfwzgl.www.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 23 Mar 2026 03:47:29 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Tue, 29 Nov 2022 13:54:42 GMT\r\nVary: Accept-Encoding\r\nETag: W/\"63860f22-5c5\"\r\nExpires: Sat, 28 Mar 2026 03:47:18 GMT\r\nCache-Control: max-age=432000\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\nServer: elb\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1477,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"6ceca9849e3ac1a8b22a998d3f299c15","sha1":"829911ad240e6663f9e4a67ef790cd237d2e596d","sha256":"e00d4b4e99a212980e4d697ae1082e5dd9e583bf321d795e97e52c4ac30177a0","sha512":"06a2707f60ad806c5454fc004b48f435342e2b16051516a5352d43024b56912fcf50902207c00faed7810efea6f70a81c0c1a6aad9cf52658890b2594475a9c3","ssdeep":"","tlshash":"133115e220031d37567a12b1637d220abaedae71cc1dc504ac2c468716ac65af2235fe","first_seen":"2023-03-12T11:40:32Z","last_seen":"2026-03-23T03:48:11.409576Z","times_seen":43,"resource_available":true,"data":null}},"time_used":1500,"timings":{"blocked":-1,"dns":27,"connect":233,"send":0,"wait":247,"receive":0,"ssl":994},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pds.gov.cn/js/publicTools.js","fqdn":"www.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"218.28.75.21","port":443,"asn":4837,"as":"CHINA UNICOM China169 Backbone","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:21.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /js/publicTools.js HTTP/1.1\r\nHost: www.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.qgwjg.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 23 Mar 2026 03:47:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 2887\r\nlast-modified: Fri, 10 Jan 2025 06:02:29 GMT\r\netag: \"6780b7f5-b47\"\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=31536000\r\nx-xss-protection: 1\r\ncontent-security-policy: *\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-permitted-cross-domain-policies: master-only\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\ncross-origin-embedder-policy: unsafe-none\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2887,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with CRLF line terminators","md5":"35bd846ec2da7abbbd9af5073ff17ca4","sha1":"8a64460e4366c7727029d54ca28b9817295b8260","sha256":"8619cf176e037beebcc2f7f9994ead69f8003c63d07c92968f320c91e135ab70","sha512":"474ee3adf44c4a831fc5cd73b419647c3a4faf99a2ba10afc4246d2d1fec061448e24bc63b2a61785c276511750cdbe5f9d552f8c4a5269c72920542a897ea76","ssdeep":"","tlshash":"5a518324f1f06625333b902de65182cafd70011786479a18be8debe2af34c691a3778c","first_seen":"2025-07-19T18:36:53.831814Z","last_seen":"2026-03-23T03:48:11.410052Z","times_seen":3,"resource_available":true,"data":null}},"time_used":2610,"timings":{"blocked":-1,"dns":428,"connect":270,"send":0,"wait":880,"receive":2,"ssl":1029},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/upload/images/2023/8/fda89592cbb3ddee871187578e5d85f7.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.pds.gov.cn","organization":"平顶山市人民政府办公室（平顶山市人民政府研究室）"},"issuer":{"commonName":"DigiCert Basic OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:67:BB:2E:59:8A:AC:42:E3:00:D7:C0:AC:4C:66:16:D8:F4:70:64","sha256":"84:A1:86:3F:C6:93:BA:62:18:E0:20:96:12:04:C3:B2:04:3B:82:90:62:90:DC:2F:40:C8:D0:43:2C:3A:6B:92"}}},"request":{"raw":"GET /upload/images/2023/8/fda89592cbb3ddee871187578e5d85f7.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":1462,"timings":{"blocked":728,"dns":683,"connect":17,"send":0,"wait":0,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mzj.pds.gov.cn/images/ico-5-5.png","fqdn":"mzj.pds.gov.cn","domain":"pds.gov.cn","tld":"gov.cn"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.qgwjg.com/","date":"2026-03-23T03:47:23.366Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/ico-5-5.png HTTP/1.1\r\nHost: mzj.pds.gov.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://www.qgwjg.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T07:47:05.597876Z","times_seen":13365748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}