{"report_id":"bea8bf60-fb4b-461c-acc9-67821a8c8fef","version":6,"status":"done","tags":[],"date":"2026-04-08T11:27:13Z","url":{"schema":"http","addr":"gc-arpsc.org/","fqdn":"gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":0,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"title":"「pc28」预测-加拿大28在线预测网|pc28白马预测-飞飞加拿大28|PC走势预测","dom":{"size":24877,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4859)","md5":"3d74cee1bfe4facaee1cc9e3af95584d","sha1":"a1cf9227b4cb8e275a447aa4016a3678b1b3407d","sha256":"95cffc6ba77dc6f87b5a578074246a0d275c18a4b2c8276325e5713d6df69b25","sha512":"2f577bebcf781917f4b5a3251e3cddd99f1f76466c27cc65b6ef23a03d222d3c804b752abb8dcf840f3707d18c22ab3b0107b8dedd10b6f61e6a51c043ae7509","ssdeep":"768:AiBh3F8sIMyOidkIiNXa9wAJVL/PdFIQooQnCW1yXHleqHM976:Z3F8sIMyOidkIiNXa9wAJVL/PdFIQood","tlshash":"0cb242a1b5f634627033a1a99c75bf0f6de05253e3420e1476be1bfbaf84ce02943656","dom_hash":"domhash0aff98dc8ccf1f2e04f9cfd1b53c5a80","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gc-arpsc.org/","fqdn":"gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":0,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-13T11:27:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":12,"received_data":433564,"sent_data":6573,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.gc-arpsc.org","ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-04-15","domain_rank":0,"first_seen":"2026-04-08T11:27:14.257495Z","last_seen":"2026-04-08T11:27:14.257495Z","alert_count":24,"request_count":24,"received_data":618939,"sent_data":13380,"comment":"","tags":null,"fingerprints":[{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-04-06T04:32:17.512298Z","alert_count":0,"request_count":7,"received_data":3493,"sent_data":5198,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"jsjsjs.vip","ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"domain_registered":"2024-04-16","domain_rank":0,"first_seen":"2024-04-16T11:18:14Z","last_seen":"2026-04-08T11:24:12.18697Z","alert_count":0,"request_count":6,"received_data":38622,"sent_data":2598,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"gc-arpsc.org","ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":18544,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.jsjsjs.vip","ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"domain_registered":"2024-04-16","domain_rank":0,"first_seen":"2024-07-21T20:15:25Z","last_seen":"2026-04-08T11:24:12.1243Z","alert_count":0,"request_count":9,"received_data":163599,"sent_data":3723,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-05T22:20:18.514512Z","alert_count":0,"request_count":3,"received_data":73922,"sent_data":1539,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-15T20:36:37.55585Z","times_seen":105530,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"bff2905c64d1dcaf80bc7c9500311979","sha1":"594ee837b569123476e8a1ee6f3a89822d1ccdb4","sha256":"e19c5697ee230a83eddcafe86eb5253447b633c7817b823540a08bec2cb7cb51","sha512":"53e77d11a2b2393a99c42757c94e7aa1e9ef0c043b13ebacb36f9647ba414bbcd498bf3853d2534ba429f28d728cb71bdf45af16d77809079c7efbf11753cea5","ssdeep":"","tlshash":"5af055eb1386cca93d962dbc2203362ca58c0d746c8c89bc1ea4a8252ac0ef711d119f","size":487,"data":"","first_seen":"2026-04-08T11:27:19.171609Z","last_seen":"2026-04-08T11:27:19.171609Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"e76371cfba7c1e9254b5f7165b0b3418","sha1":"5999064d941f72b315478088a73801814c584f08","sha256":"1dcc88f56e500b218599b3710ebebae112bb3c125507b557cbff48fa09dbd6f3","sha512":"2a939b3823daf8cbd0199fec40d8b58c307488b82bca83c7dc50ae7ae775df66f9ce8e43e27291d49b7726921ed706c4b2c987c611027ef78ed8de3a176042de","ssdeep":"","tlshash":"71d02beb218180cc7f5774c85003708c961d1f84156129504c51ad5b3880d335d5787e","size":271,"data":"","first_seen":"2026-04-08T11:27:19.172447Z","last_seen":"2026-04-08T11:27:19.172447Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/bztzl/cptj.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"11aa92bed4df7a20d7591d42122c470d","sha1":"9c10512511d64245449941695095d69d275b19c2","sha256":"b86ee716217665142b98ffc376c3344aceab5108481fbe80a94c422407f72ef5","sha512":"52ebcab182a52c2c627914d5e0047513622db4c940e69788f24beebf92ab39a62afb30ebb47ffb30b52ba84a4bc7930b811f200c6c38ab9028d878b9da9bef9d","ssdeep":"768:aKXFiz4m8c3c8QuDvoh/Z7PZK9TKYRcuqHkGUCzNR:aK1i/P3c8QuDOB7QVKF/H7UUNR","tlshash":"c61361e0b38d912fdac17311957ee044f47fe936a2f898e9f58dd080786092a43b99f5","size":45242,"data":"","first_seen":"2025-10-12T14:11:32.660999Z","last_seen":"2026-04-08T11:27:19.161106Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"e9d64a59490bd5bd810990f507fd089b","sha1":"aa74e55276bb22789c414df8af5a8e00939d6299","sha256":"fcf7b7cb247b300729163fb618f48b543237c73707c7f15413025f7d2443ee82","sha512":"188b6b4e8aea92b40166cb57290673bc2bc25609f1775da358612d5986be294c33210ffef3a0bf47bf6f4bd668e99a239e2be14434592244c405af8562574d79","ssdeep":"","tlshash":"9ff02eeb1385cc597d952a7d2203762c758c0d655c9c84ac1da4a8142ac0ef710d154f","size":499,"data":"","first_seen":"2026-04-08T11:27:19.173251Z","last_seen":"2026-04-08T11:27:19.173251Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/bztzl/cptj.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"11aa92bed4df7a20d7591d42122c470d","sha1":"9c10512511d64245449941695095d69d275b19c2","sha256":"b86ee716217665142b98ffc376c3344aceab5108481fbe80a94c422407f72ef5","sha512":"52ebcab182a52c2c627914d5e0047513622db4c940e69788f24beebf92ab39a62afb30ebb47ffb30b52ba84a4bc7930b811f200c6c38ab9028d878b9da9bef9d","ssdeep":"768:aKXFiz4m8c3c8QuDvoh/Z7PZK9TKYRcuqHkGUCzNR:aK1i/P3c8QuDOB7QVKF/H7UUNR","tlshash":"c61361e0b38d912fdac17311957ee044f47fe936a2f898e9f58dd080786092a43b99f5","size":45242,"data":"","first_seen":"2025-10-12T14:11:32.660999Z","last_seen":"2026-04-08T11:27:19.161106Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/zc.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"249783f9a7236f63b3d6e286c82d308e","sha1":"8dba27587cefafb5b239db973efdd81f0b4fa37e","sha256":"0bac2ae6e123b7c80ecea1fba895c64429a74cf5ce8f2e848e57f80c109adb3b","sha512":"d7c9a2f7e81476bcf8eee7cefb5d6a66c89bc6315a09bc0885459f3671f5d58628ae7915dd178f68608aee4a0137b2f8cca75b9e5c6b5118992579c61585cd0f","ssdeep":"","tlshash":"3c4179ead8e05c849237b8708e4f7e2c70976429e656cd09b714cbf62e3597bc216548","size":2374,"data":"","first_seen":"2026-04-08T11:27:19.156141Z","last_seen":"2026-04-08T11:27:19.156141Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"e76371cfba7c1e9254b5f7165b0b3418","sha1":"5999064d941f72b315478088a73801814c584f08","sha256":"1dcc88f56e500b218599b3710ebebae112bb3c125507b557cbff48fa09dbd6f3","sha512":"2a939b3823daf8cbd0199fec40d8b58c307488b82bca83c7dc50ae7ae775df66f9ce8e43e27291d49b7726921ed706c4b2c987c611027ef78ed8de3a176042de","ssdeep":"","tlshash":"71d02beb218180cc7f5774c85003708c961d1f84156129504c51ad5b3880d335d5787e","size":271,"data":"","first_seen":"2026-04-08T11:27:19.172447Z","last_seen":"2026-04-08T11:27:19.172447Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/main.js","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5eac8bd22d07bf5ba54e0abbbc93ada5","sha1":"b639333a8f53ac948491a1f9c8c604a10be64e25","sha256":"72dd267b28d5ef4f036666701955b0582ba4e48c033b2d7615b980c6bac08f5c","sha512":"ec257ae5e606e3521bb3788e5328afd1e813cb135620b29f091d7d67adfbbd63584df4a9b137ce6bbbe6345651a8de65b974e3255639aa4e39bde780a38567ba","ssdeep":"96:i/pRyWP8/FPkP586GG8KqzX+ZVUgQe6CoKViY9r0KtreXV5ViKZJZVVldexFSSsI:mRx8NP8R6UVDQRCoKVii0uSNiKZJZVr0","tlshash":"8ac1512664f33265417331f94b9f2284783510473509dd59be6e97c80f52e28bab3eea","size":5839,"data":"","first_seen":"2026-04-08T11:27:19.16794Z","last_seen":"2026-04-08T11:27:19.16794Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"9a2a84ce1059688003f2bcb32a05a59b","sha1":"7d407971548fd139e623925ea47456675ec7ac69","sha256":"2bd0bce367292e8800dc3bfe3a54d7fe7a541ea511f7736fde789878b234231a","sha512":"e1e60de5a937255b7e447be4f6d8998a52648ecccc0da44ffa48907e03f0ce8b1dfb42db2ca02d107412177f942c6c0734df1e8a46b0ca9f71802ddafb276573","ssdeep":"","tlshash":"e7d02bef21d6818d3f5775ca6107604caa1d0e85096029804c54adaa28e5a33695796f","size":286,"data":"","first_seen":"2026-04-08T11:27:19.174092Z","last_seen":"2026-04-08T11:27:19.174092Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/main.js","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5eac8bd22d07bf5ba54e0abbbc93ada5","sha1":"b639333a8f53ac948491a1f9c8c604a10be64e25","sha256":"72dd267b28d5ef4f036666701955b0582ba4e48c033b2d7615b980c6bac08f5c","sha512":"ec257ae5e606e3521bb3788e5328afd1e813cb135620b29f091d7d67adfbbd63584df4a9b137ce6bbbe6345651a8de65b974e3255639aa4e39bde780a38567ba","ssdeep":"96:i/pRyWP8/FPkP586GG8KqzX+ZVUgQe6CoKViY9r0KtreXV5ViKZJZVVldexFSSsI:mRx8NP8R6UVDQRCoKVii0uSNiKZJZVr0","tlshash":"8ac1512664f33265417331f94b9f2284783510473509dd59be6e97c80f52e28bab3eea","size":5839,"data":"","first_seen":"2026-04-08T11:27:19.16794Z","last_seen":"2026-04-08T11:27:19.16794Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/jh.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4900a0e84d061110c04c2866cd705125","sha1":"9e806ebdfd564fc919b7873dd6ac0f456c4b8771","sha256":"edee38d03cec5cba48757216affe7729353d42987613287be56db8738d452445","sha512":"c1cd7d20695e882b0a4fb17f0c8f26e0a28732a0c3d3588738062326803f736555d140375980fe374bcdcd3a713eef97c6c0a91f5bc21c04849f4c4ab82ec376","ssdeep":"96:QFlH8kmAkpVAQ9xYvKwbbqNJ88TiRlli0hqFIfBQ7ZgQfB+:QFt8kmzfpyvKwbbqNJ888Hi0hqFF+QY","tlshash":"90c1b87579b51029307bb2bc5beb435a31a98107d882dd08befc92b45fd5c014ab76c5","size":5852,"data":"","first_seen":"2026-04-08T11:27:19.16898Z","last_seen":"2026-04-08T11:27:19.16898Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"dce4fcfccd7ce3a7adc760891386a447","sha1":"88d447f41bc27acb247eff2f753c1ed1f9796fb7","sha256":"94c773450629c61ed51858af80cd750a0a9a85933e44e1b697f897c03b68eac2","sha512":"61874290c3720666db8dd5dee7ab6b2de41fc7cce71985f1725bc2af5f3b77ae9de0561cea3268cfa04e881e9afd85973755ac864867c7da630924364a0cf019","ssdeep":"","tlshash":"20e0228f58e3212a21d7a8380b6f03842cb413631818d4a4bcdfe6015f6811355b6ede","size":431,"data":"","first_seen":"2026-04-08T11:27:19.175003Z","last_seen":"2026-04-08T11:27:19.175003Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"9a9e03e3bd7e2969933d1d165b9da920","sha1":"cd8417c5541d89d9ea59d462adfee03072878c2f","sha256":"c3c271872d2a0f77b3d988333adf7f461f87a4559cf1c413c7bec9cabb58b81e","sha512":"d401dc0485fb5e7b3fc432cfb02921da2ed876aff0df669df609c97a9020f3587c6a33a19bbb4ff2e62d92c0f53bc997d6165d1739de6a0bf8f0cdf05c80ef6d","ssdeep":"","tlshash":"3001f4ff1385cc8d3e4669bd3203721ca54c0e545c5855ac0ca4ac1a35c0fb314d156f","size":734,"data":"","first_seen":"2026-04-08T11:27:19.176127Z","last_seen":"2026-04-08T11:27:19.176127Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/zc.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"249783f9a7236f63b3d6e286c82d308e","sha1":"8dba27587cefafb5b239db973efdd81f0b4fa37e","sha256":"0bac2ae6e123b7c80ecea1fba895c64429a74cf5ce8f2e848e57f80c109adb3b","sha512":"d7c9a2f7e81476bcf8eee7cefb5d6a66c89bc6315a09bc0885459f3671f5d58628ae7915dd178f68608aee4a0137b2f8cca75b9e5c6b5118992579c61585cd0f","ssdeep":"","tlshash":"3c4179ead8e05c849237b8708e4f7e2c70976429e656cd09b714cbf62e3597bc216548","size":2374,"data":"","first_seen":"2026-04-08T11:27:19.156141Z","last_seen":"2026-04-08T11:27:19.156141Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"9a2a84ce1059688003f2bcb32a05a59b","sha1":"7d407971548fd139e623925ea47456675ec7ac69","sha256":"2bd0bce367292e8800dc3bfe3a54d7fe7a541ea511f7736fde789878b234231a","sha512":"e1e60de5a937255b7e447be4f6d8998a52648ecccc0da44ffa48907e03f0ce8b1dfb42db2ca02d107412177f942c6c0734df1e8a46b0ca9f71802ddafb276573","ssdeep":"","tlshash":"e7d02bef21d6818d3f5775ca6107604caa1d0e85096029804c54adaa28e5a33695796f","size":286,"data":"","first_seen":"2026-04-08T11:27:19.174092Z","last_seen":"2026-04-08T11:27:19.174092Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/main.js","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"5eac8bd22d07bf5ba54e0abbbc93ada5","sha1":"b639333a8f53ac948491a1f9c8c604a10be64e25","sha256":"72dd267b28d5ef4f036666701955b0582ba4e48c033b2d7615b980c6bac08f5c","sha512":"ec257ae5e606e3521bb3788e5328afd1e813cb135620b29f091d7d67adfbbd63584df4a9b137ce6bbbe6345651a8de65b974e3255639aa4e39bde780a38567ba","ssdeep":"96:i/pRyWP8/FPkP586GG8KqzX+ZVUgQe6CoKViY9r0KtreXV5ViKZJZVVldexFSSsI:mRx8NP8R6UVDQRCoKVii0uSNiKZJZVr0","tlshash":"8ac1512664f33265417331f94b9f2284783510473509dd59be6e97c80f52e28bab3eea","size":5839,"data":"","first_seen":"2026-04-08T11:27:19.16794Z","last_seen":"2026-04-08T11:27:19.16794Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/zc.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"249783f9a7236f63b3d6e286c82d308e","sha1":"8dba27587cefafb5b239db973efdd81f0b4fa37e","sha256":"0bac2ae6e123b7c80ecea1fba895c64429a74cf5ce8f2e848e57f80c109adb3b","sha512":"d7c9a2f7e81476bcf8eee7cefb5d6a66c89bc6315a09bc0885459f3671f5d58628ae7915dd178f68608aee4a0137b2f8cca75b9e5c6b5118992579c61585cd0f","ssdeep":"","tlshash":"3c4179ead8e05c849237b8708e4f7e2c70976429e656cd09b714cbf62e3597bc216548","size":2374,"data":"","first_seen":"2026-04-08T11:27:19.156141Z","last_seen":"2026-04-08T11:27:19.156141Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/jh.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4900a0e84d061110c04c2866cd705125","sha1":"9e806ebdfd564fc919b7873dd6ac0f456c4b8771","sha256":"edee38d03cec5cba48757216affe7729353d42987613287be56db8738d452445","sha512":"c1cd7d20695e882b0a4fb17f0c8f26e0a28732a0c3d3588738062326803f736555d140375980fe374bcdcd3a713eef97c6c0a91f5bc21c04849f4c4ab82ec376","ssdeep":"96:QFlH8kmAkpVAQ9xYvKwbbqNJ88TiRlli0hqFIfBQ7ZgQfB+:QFt8kmzfpyvKwbbqNJ888Hi0hqFF+QY","tlshash":"90c1b87579b51029307bb2bc5beb435a31a98107d882dd08befc92b45fd5c014ab76c5","size":5852,"data":"","first_seen":"2026-04-08T11:27:19.16898Z","last_seen":"2026-04-08T11:27:19.16898Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-15T20:36:37.55585Z","times_seen":105530,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/jh.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"4900a0e84d061110c04c2866cd705125","sha1":"9e806ebdfd564fc919b7873dd6ac0f456c4b8771","sha256":"edee38d03cec5cba48757216affe7729353d42987613287be56db8738d452445","sha512":"c1cd7d20695e882b0a4fb17f0c8f26e0a28732a0c3d3588738062326803f736555d140375980fe374bcdcd3a713eef97c6c0a91f5bc21c04849f4c4ab82ec376","ssdeep":"96:QFlH8kmAkpVAQ9xYvKwbbqNJ88TiRlli0hqFIfBQ7ZgQfB+:QFt8kmzfpyvKwbbqNJ888Hi0hqFF+QY","tlshash":"90c1b87579b51029307bb2bc5beb435a31a98107d882dd08befc92b45fd5c014ab76c5","size":5852,"data":"","first_seen":"2026-04-08T11:27:19.16898Z","last_seen":"2026-04-08T11:27:19.16898Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/bztzl/cptj.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":false,"md5":"11aa92bed4df7a20d7591d42122c470d","sha1":"9c10512511d64245449941695095d69d275b19c2","sha256":"b86ee716217665142b98ffc376c3344aceab5108481fbe80a94c422407f72ef5","sha512":"52ebcab182a52c2c627914d5e0047513622db4c940e69788f24beebf92ab39a62afb30ebb47ffb30b52ba84a4bc7930b811f200c6c38ab9028d878b9da9bef9d","ssdeep":"768:aKXFiz4m8c3c8QuDvoh/Z7PZK9TKYRcuqHkGUCzNR:aK1i/P3c8QuDOB7QVKF/H7UUNR","tlshash":"c61361e0b38d912fdac17311957ee044f47fe936a2f898e9f58dd080786092a43b99f5","size":45242,"data":"","first_seen":"2025-10-12T14:11:32.660999Z","last_seen":"2026-04-08T11:27:19.161106Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"f11f0cc31effd7d1b1f5a14a491332b9","sha1":"04c8ef335474fd0c5facaa3ded8a50e0ea8cef11","sha256":"3a0efdd6aee49e38a32da4ad4146881981ba884df1c4a6d3203f594a318d843c","sha512":"861d3ac6c63e94fb04723be26309fe0dd398378b0cbe5ec6502519c399dc1f80e67ad9c429f387e581ff1f69320bf0767ab289d1b00cf83db7ede076fe524f3e","ssdeep":"","tlshash":"2001f4ff1386cc8d3e976aad7203721cb64c0d151c9458ec0ca4ac5926c0fb714d265f","size":751,"data":"","first_seen":"2026-04-08T11:27:19.176981Z","last_seen":"2026-04-08T11:27:19.176981Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"939063e71d7f95daa421f8706b3d0c3d","sha1":"f108250152922d014dbf78860c59079481a28d43","sha256":"0e75007bcda07cfc11bcbe4119704080978bcfa557fb68402e9d6fae8a37f8df","sha512":"5a9042a4076d9a8fe75a720e5afb12759ee41acf56ca65e311abe67082ebb94f67b6cee56cd6204e9c2fa5abbe3cb96014651cd0ff09088b1b34ce7f44ebc269","ssdeep":"","tlshash":"3df027eb1346cc997d962a7d6207762db58c0d256c9c88ac19a4a8152ac0ff710e168f","size":501,"data":"","first_seen":"2026-04-08T11:27:19.177871Z","last_seen":"2026-04-08T11:27:19.177871Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/zc.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:08.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/zc.js HTTP/1.1\r\nHost: www.jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:07 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 2374\r\nlast-modified: Tue, 31 Mar 2026 08:30:29 GMT\r\netag: \"69cb8625-946\"\r\nexpires: Wed, 08 Apr 2026 17:27:07 GMT\r\ncache-control: max-age=21600\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2374,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"249783f9a7236f63b3d6e286c82d308e","sha1":"8dba27587cefafb5b239db973efdd81f0b4fa37e","sha256":"0bac2ae6e123b7c80ecea1fba895c64429a74cf5ce8f2e848e57f80c109adb3b","sha512":"d7c9a2f7e81476bcf8eee7cefb5d6a66c89bc6315a09bc0885459f3671f5d58628ae7915dd178f68608aee4a0137b2f8cca75b9e5c6b5118992579c61585cd0f","ssdeep":"","tlshash":"3c4179ead8e05c849237b8708e4f7e2c70976429e656cd09b714cbf62e3597bc216548","first_seen":"2026-04-08T11:27:19.156141Z","last_seen":"2026-04-08T11:27:19.156141Z","times_seen":1,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Orbitron:wght@400;500;700;900\u0026family=Roboto:wght@300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:52.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Orbitron:wght@400;500;700;900\u0026family=Roboto:wght@300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Apr 2026 11:26:52 GMT\r\ndate: Wed, 08 Apr 2026 11:26:52 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23968,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"8b3541cfe290d8261c56579cdcfe58c1","sha1":"1bc85406c79d74b1082e7df99cd29a8efe6c69c4","sha256":"d91334ec0289b9c5051aa5a1851b75248653eefcd2d0f679604458dbf6c1a0de","sha512":"e43afc7beeaa6fa25902364976f1d8560de7f53419d9128fc347cc020ecccf9a6fd7c08d1ae037aa7a9188811c193517c692754758154f9e6cceb1161a2aa5e9","ssdeep":"384:y9f59g9P9r9yU9/qY4+949Y9p9fM919W969yh9/qY4X9N9t9i9fD9O9d9B9ya9/U:yDS99YURRuWDyjooYhREHPM5svvYaR78","tlshash":"c2b21e91041744009b834ce223cebf35fe1f92117142d0b9abfd9b6baddbca6526936d","first_seen":"2026-04-08T11:27:19.157172Z","last_seen":"2026-04-08T11:27:19.157172Z","times_seen":1,"resource_available":false,"data":null}},"time_used":330,"timings":{"blocked":147,"dns":1,"connect":21,"send":0,"wait":33,"receive":0,"ssl":124},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396210\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-15T20:37:43.437579Z","times_seen":81690,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":8,"receive":10,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/webfonts/fa-solid-900.woff2","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/public/cqyzysp/files/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2019,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"c15b93cfa706e4015260e0a69fa4b6c7","sha1":"d1101789826dd774b6ed712bc4cbf660174d3bed","sha256":"d531d34a537ca7ea08a8f7686e29ca5ffdeb7032498e4df108c0855b2f163fdc","sha512":"923e63fdf0ecbeb49c9c6847106ea79a90c5c7fa8c4f3bac12936c64a810f3b972ea0f28a050bd288bb8b9c2c5bac2b7d06900444601fee83fd03ca435da7af6","ssdeep":"","tlshash":"f641981459858d0f803319f47673c75c7a2e11c39f6199b9ad912177eb4dd238e233a8","first_seen":"2026-04-08T11:27:19.158836Z","last_seen":"2026-04-08T11:27:19.158836Z","times_seen":1,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1775647613\u0026rnd=93013234\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=2\u0026sn=42331\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F\u0026tt=%E3%80%8Cpc28%E3%80%8D%E9%A2%84%E6%B5%8B-%E5%8A%A0%E6%8B%BF%E5%A4%A728%E5%9C%A8%E7%BA%BF%E9%A2%84%E6%B5%8B%E7%BD%91%7Cpc28%E7%99%BD%E9%A9%AC%E9%A2%84%E6%B5%8B-%E9%A3%9E%E9%A3%9E%E5%8A%A0%E6%8B%BF%E5%A4%A728%7CPC%E8%B5%B0%E5%8A%BF%E9%A2%84%E6%B5%8B","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1775647613\u0026rnd=93013234\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=2\u0026sn=42331\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F\u0026tt=%E3%80%8Cpc28%E3%80%8D%E9%A2%84%E6%B5%8B-%E5%8A%A0%E6%8B%BF%E5%A4%A728%E5%9C%A8%E7%BA%BF%E9%A2%84%E6%B5%8B%E7%BD%91%7Cpc28%E7%99%BD%E9%A9%AC%E9%A2%84%E6%B5%8B-%E9%A3%9E%E9%A3%9E%E5%8A%A0%E6%8B%BF%E5%A4%A728%7CPC%E8%B5%B0%E5%8A%BF%E9%A2%84%E6%B5%8B HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 08 Apr 2026 11:27:01 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=745B5F92EABC838E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-15T20:38:01.364471Z","times_seen":335555,"resource_available":true,"data":null}},"time_used":536,"timings":{"blocked":263,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-08T11:26:51.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:50 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (589)","md5":"5b6577cfab1e6d541a249ed763c2c5d0","sha1":"3ed278dc203afb19965598517cdc9a7425357890","sha256":"096b8044ea536ccddb1ebdd8a907b4cc18a2830803c5fd02ef335f46f072f993","sha512":"86a1442fff7657c37f54e8eff971465f5c755d2b35b657d375b55cc6b8170e7bd6207acc85cdc518f1d78d998d9926d24df7912171708ac30a5564600498e77e","ssdeep":"192:VtUtyubbBJJD8fcJ8oMK0muK6KbAqKWLdsAKmRKYNo+++st/o0KzqCK6mKvRGKTE:7ubbBJJD8fcJLyUjwAZquJnDubIHM97x","tlshash":"ff821f53f6f5316a3023809d9d68bf1b6dc17263a3664e05349e1bfb9f04ee52443a2b","first_seen":"2026-04-08T11:27:19.160185Z","last_seen":"2026-04-08T11:27:19.160185Z","times_seen":1,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":54,"dns":0,"connect":0,"send":0,"wait":262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/bztzl/cptj.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:52.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /bztzl/cptj.js HTTP/1.1\r\nHost: www.jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:51 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 45242\r\nlast-modified: Tue, 31 Mar 2026 08:30:31 GMT\r\netag: \"69cb8627-b0ba\"\r\nexpires: Wed, 08 Apr 2026 17:26:51 GMT\r\ncache-control: max-age=21600\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"11aa92bed4df7a20d7591d42122c470d","sha1":"9c10512511d64245449941695095d69d275b19c2","sha256":"b86ee716217665142b98ffc376c3344aceab5108481fbe80a94c422407f72ef5","sha512":"52ebcab182a52c2c627914d5e0047513622db4c940e69788f24beebf92ab39a62afb30ebb47ffb30b52ba84a4bc7930b811f200c6c38ab9028d878b9da9bef9d","ssdeep":"768:aKXFiz4m8c3c8QuDvoh/Z7PZK9TKYRcuqHkGUCzNR:aK1i/P3c8QuDOB7QVKF/H7UUNR","tlshash":"c61361e0b38d912fdac17311957ee044f47fe936a2f898e9f58dd080786092a43b99f5","first_seen":"2025-10-12T14:11:32.660999Z","last_seen":"2026-04-08T11:27:19.161106Z","times_seen":7,"resource_available":true,"data":null}},"time_used":1548,"timings":{"blocked":443,"dns":1,"connect":217,"send":0,"wait":217,"receive":431,"ssl":236},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/mobile.css","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/mobile.css HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:52 GMT\r\ncontent-type: text/css\r\ncontent-length: 1854\r\nlast-modified: Sat, 14 Mar 2026 16:06:44 GMT\r\netag: \"69b58794-73e\"\r\nexpires: Wed, 08 Apr 2026 23:26:52 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1854,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"73f47a83f0220c492030da319e934a38","sha1":"dc978efcd6d273bb3d874372cf3414a804db424c","sha256":"5ca086364f8f48bedce044bf3674a2b1b9c342bd9141595b3247b42e5d776fa9","sha512":"5ac7a9ff9eb554402300d8c4bc05594b63653a16f560804bfdd08a85970069462a19e7f09a488f8c10b9afb646d34e68eb8bd6b1939a3c28aa9e86b90f282b6a","ssdeep":"","tlshash":"6731355f3ae33105ad57b839bb7e2a456164e017e54dccb47d8d6648cf88ba06cc478c","first_seen":"2026-04-08T11:27:19.162053Z","last_seen":"2026-04-08T11:27:19.162053Z","times_seen":1,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":226,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/favicon.ico","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647621\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:01 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Sat, 14 Mar 2026 13:11:42 GMT\r\netag: \"69b55e8e-10be\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"ea98a212366678c4e9d70aff98705211","sha1":"0426658063b62b396408fca453b4f9437fde7007","sha256":"b26f136a20c70b89b0b953d5cd901aabfae7030efce5a7752425445aff6c9adf","sha512":"a4610edb8ec0ad895292d459c9c6f7bee42045b73915c84abf07ce9fe3a5a3fa7bb8bcd7d4c2029f14ca3748ed4a49deb3d7f2f90d4e2b00eff66429ad9e6b1e","ssdeep":"24:sussf++5L9lLKhSeJmEUmEUmE0mE/0kKc4RxQVpRlC54T5/PRA87ss:w+5L9pmbJmfmfmnmXkZ4fQVpRlCuuWD","tlshash":"a191cbabb098d610df4f073a1147cae39531c477c0c84408a3ac6c46ba25a5a25bfeb3","first_seen":"2024-12-19T06:56:06.51588Z","last_seen":"2026-04-12T10:43:16.88958Z","times_seen":9,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":227,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jsjsjs.vip/jh/touzhu.png","fqdn":"jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/touzhu.png HTTP/1.1\r\nHost: jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 4631\r\nlast-modified: Mon, 18 Aug 2025 11:09:35 GMT\r\netag: \"68a309ef-1217\"\r\nexpires: Thu, 09 Apr 2026 11:27:08 GMT\r\ncache-control: max-age=86400\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4631,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 121 x 121, 8-bit colormap, non-interlaced","md5":"e19bf83282a1c7da5523784dc3a963a2","sha1":"6936d5f744e9bcad6c7e7aaaba1e4429612f2ab3","sha256":"c4334f6ef819387a6365089d6157c68eeb7cb38fb7317f0107a357a696da6616","sha512":"c8e54b9cd595a10d4d3ae6ae1e2252a480180d4b3dfe012471800752e73a67a6a5eb5da02a5e3a956d745a9c26cb7aeae48f89befb3f277c5cad1b2c5a0b322e","ssdeep":"96:4EalVQ3T1r1DjbVAI9+o3i7jLwAzFTeizM8J4Q:7asnHb4jLNheiA8h","tlshash":"82a17eb353612de8edd4adb935f96b22883442ac575f726105906cec3258b9424c31bf","first_seen":"2025-07-19T06:17:35.595843Z","last_seen":"2026-04-15T07:27:08.506863Z","times_seen":83,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsjsjs.vip/jh/touzhu.png","fqdn":"jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/touzhu.png HTTP/1.1\r\nHost: jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 4631\r\nlast-modified: Mon, 18 Aug 2025 11:09:35 GMT\r\netag: \"68a309ef-1217\"\r\nexpires: Thu, 09 Apr 2026 11:26:52 GMT\r\ncache-control: max-age=86400\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4631,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 121 x 121, 8-bit colormap, non-interlaced","md5":"e19bf83282a1c7da5523784dc3a963a2","sha1":"6936d5f744e9bcad6c7e7aaaba1e4429612f2ab3","sha256":"c4334f6ef819387a6365089d6157c68eeb7cb38fb7317f0107a357a696da6616","sha512":"c8e54b9cd595a10d4d3ae6ae1e2252a480180d4b3dfe012471800752e73a67a6a5eb5da02a5e3a956d745a9c26cb7aeae48f89befb3f277c5cad1b2c5a0b322e","ssdeep":"96:4EalVQ3T1r1DjbVAI9+o3i7jLwAzFTeizM8J4Q:7asnHb4jLNheiA8h","tlshash":"82a17eb353612de8edd4adb935f96b22883442ac575f726105906cec3258b9424c31bf","first_seen":"2025-07-19T06:17:35.595843Z","last_seen":"2026-04-15T07:27:08.506863Z","times_seen":83,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/style.css","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:00.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/style.css HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647613\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:59 GMT\r\ncontent-type: text/css\r\ncontent-length: 66892\r\nlast-modified: Sat, 14 Mar 2026 16:06:44 GMT\r\netag: \"69b58794-1054c\"\r\nexpires: Wed, 08 Apr 2026 23:26:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66892,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"48ae7db7c169bc751c7143b3820235ae","sha1":"0b2a72bd30dd65a1aa2897a024aa8c62936cbca2","sha256":"1a17c08171ea42821be60b0290c628bf2bc999eac4a424d0d503197382f28135","sha512":"f7b7e5d6d28682f7a01e1223a274caff5086242149c1ab2b2ba11ede28072bbfc775fcedabdddaf4d758f0eacfd2baddfb0cd8b5a75eb6cd5b7ad88182624cdd","ssdeep":"1536:YdQ7rh5+s/HUSMbmE9Klt+qWtsVtjGyDT98Kmm6cBd+wZQ:Z7rCt6E9dqmsVtjx9bmm6cBd+wZQ","tlshash":"bf63109156b31955742fa5191ffbc788735ca083844dcbbe7b8d225c8f8d2f8a062e8c","first_seen":"2026-04-08T11:27:19.165099Z","last_seen":"2026-04-08T11:27:19.165099Z","times_seen":1,"resource_available":false,"data":null}},"time_used":683,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":456,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/style.css","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:08.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/style.css HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647621\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:07 GMT\r\ncontent-type: text/css\r\ncontent-length: 66892\r\nlast-modified: Sat, 14 Mar 2026 16:06:44 GMT\r\netag: \"69b58794-1054c\"\r\nexpires: Wed, 08 Apr 2026 23:27:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":66892,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"48ae7db7c169bc751c7143b3820235ae","sha1":"0b2a72bd30dd65a1aa2897a024aa8c62936cbca2","sha256":"1a17c08171ea42821be60b0290c628bf2bc999eac4a424d0d503197382f28135","sha512":"f7b7e5d6d28682f7a01e1223a274caff5086242149c1ab2b2ba11ede28072bbfc775fcedabdddaf4d758f0eacfd2baddfb0cd8b5a75eb6cd5b7ad88182624cdd","ssdeep":"1536:YdQ7rh5+s/HUSMbmE9Klt+qWtsVtjGyDT98Kmm6cBd+wZQ:Z7rCt6E9dqmsVtjx9bmm6cBd+wZQ","tlshash":"bf63109156b31955742fa5191ffbc788735ca083844dcbbe7b8d225c8f8d2f8a062e8c","first_seen":"2026-04-08T11:27:19.165099Z","last_seen":"2026-04-08T11:27:19.165099Z","times_seen":1,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":451,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Orbitron:wght@400;500;700;900\u0026family=Roboto:wght@300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Orbitron:wght@400;500;700;900\u0026family=Roboto:wght@300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Apr 2026 11:27:09 GMT\r\ndate: Wed, 08 Apr 2026 11:27:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23968,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"8b3541cfe290d8261c56579cdcfe58c1","sha1":"1bc85406c79d74b1082e7df99cd29a8efe6c69c4","sha256":"d91334ec0289b9c5051aa5a1851b75248653eefcd2d0f679604458dbf6c1a0de","sha512":"e43afc7beeaa6fa25902364976f1d8560de7f53419d9128fc347cc020ecccf9a6fd7c08d1ae037aa7a9188811c193517c692754758154f9e6cceb1161a2aa5e9","ssdeep":"384:y9f59g9P9r9yU9/qY4+949Y9p9fM919W969yh9/qY4X9N9t9i9fD9O9d9B9ya9/U:yDS99YURRuWDyjooYhREHPM5svvYaR78","tlshash":"c2b21e91041744009b834ce223cebf35fe1f92117142d0b9abfd9b6baddbca6526936d","first_seen":"2026-04-08T11:27:19.157172Z","last_seen":"2026-04-08T11:27:19.157172Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396210\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-15T20:37:43.437579Z","times_seen":81690,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":88,"dns":4,"connect":26,"send":0,"wait":17,"receive":5,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1393510896\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=1\u0026sn=42323\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F\u0026tt=%E3%80%8Cpc28%E3%80%8D%E9%A2%84%E6%B5%8B-%E5%8A%A0%E6%8B%BF%E5%A4%A728%E5%9C%A8%E7%BA%BF%E9%A2%84%E6%B5%8B%E7%BD%91%7Cpc28%E7%99%BD%E9%A9%AC%E9%A2%84%E6%B5%8B-%E9%A3%9E%E9%A3%9E%E5%8A%A0%E6%8B%BF%E5%A4%A728%7CPC%E8%B5%B0%E5%8A%BF%E9%A2%84%E6%B5%8B","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=1393510896\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=1\u0026sn=42323\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F\u0026tt=%E3%80%8Cpc28%E3%80%8D%E9%A2%84%E6%B5%8B-%E5%8A%A0%E6%8B%BF%E5%A4%A728%E5%9C%A8%E7%BA%BF%E9%A2%84%E6%B5%8B%E7%BD%91%7Cpc28%E7%99%BD%E9%A9%AC%E9%A2%84%E6%B5%8B-%E9%A3%9E%E9%A3%9E%E5%8A%A0%E6%8B%BF%E5%A4%A728%7CPC%E8%B5%B0%E5%8A%BF%E9%A2%84%E6%B5%8B HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 08 Apr 2026 11:26:54 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=48EF36B7C2793C6B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-15T20:38:01.364471Z","times_seen":335555,"resource_available":true,"data":null}},"time_used":1525,"timings":{"blocked":625,"dns":1,"connect":207,"send":0,"wait":270,"receive":0,"ssl":419},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=4CA22BC17D2C114A\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=7207%2C7207\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=164903237\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=1\u0026sn=42323\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:00.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=4CA22BC17D2C114A\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=7207%2C7207\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=164903237\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=1\u0026sn=42323\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 08 Apr 2026 11:27:00 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=78DFE10A70D7A901; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-15T20:38:01.364471Z","times_seen":335555,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396226\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-15T20:37:43.437579Z","times_seen":81690,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsjsjs.vip/jh/code.png","fqdn":"jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/code.png HTTP/1.1\r\nHost: jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 7559\r\nlast-modified: Mon, 18 Aug 2025 11:10:03 GMT\r\netag: \"68a30a0b-1d87\"\r\nexpires: Thu, 09 Apr 2026 11:26:52 GMT\r\ncache-control: max-age=86400\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7559,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"562120ba230a3ffaadda9ac60e9e13c6","sha1":"d6d0acf09c451a92e09626a27bcd6f324e57a313","sha256":"89d9345d065581c6330bed1e01a0644519cee56943c7a0c4d6a18bc8c7883c72","sha512":"1c903784b305bcf11dbcaa088af07bba0f9fd19dcd94d87136c616c711399dcfe80396c96fcb0c22d02071bae0a2e786128743060b42f1740ed927a3bd7ea214","ssdeep":"192:pSalbqH5Jh7HbWiu0FoAj1UToW21l8RZbeCErY6C7PCvS:QOqH5n7k0uABUTo58reeD7SS","tlshash":"08f1a0c322dd3efc552a85b713867dc2b4d6668c7291b19b6a31e44cfc32af0d406259","first_seen":"2025-07-19T06:17:35.59498Z","last_seen":"2026-04-15T07:27:08.509037Z","times_seen":54,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/webfonts/fa-solid-900.ttf","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/webfonts/fa-solid-900.ttf HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/public/cqyzysp/files/all.min.css\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647630\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:09 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2019,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"c15b93cfa706e4015260e0a69fa4b6c7","sha1":"d1101789826dd774b6ed712bc4cbf660174d3bed","sha256":"d531d34a537ca7ea08a8f7686e29ca5ffdeb7032498e4df108c0855b2f163fdc","sha512":"923e63fdf0ecbeb49c9c6847106ea79a90c5c7fa8c4f3bac12936c64a810f3b972ea0f28a050bd288bb8b9c2c5bac2b7d06900444601fee83fd03ca435da7af6","ssdeep":"","tlshash":"f641981459858d0f803319f47673c75c7a2e11c39f6199b9ad912177eb4dd238e233a8","first_seen":"2026-04-08T11:27:19.158836Z","last_seen":"2026-04-08T11:27:19.158836Z","times_seen":1,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/mobile.css","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/mobile.css HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647613\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:00 GMT\r\ncontent-type: text/css\r\ncontent-length: 1854\r\nlast-modified: Sat, 14 Mar 2026 16:06:44 GMT\r\netag: \"69b58794-73e\"\r\nexpires: Wed, 08 Apr 2026 23:27:00 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1854,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"73f47a83f0220c492030da319e934a38","sha1":"dc978efcd6d273bb3d874372cf3414a804db424c","sha256":"5ca086364f8f48bedce044bf3674a2b1b9c342bd9141595b3247b42e5d776fa9","sha512":"5ac7a9ff9eb554402300d8c4bc05594b63653a16f560804bfdd08a85970069462a19e7f09a488f8c10b9afb646d34e68eb8bd6b1939a3c28aa9e86b90f282b6a","ssdeep":"","tlshash":"6731355f3ae33105ad57b839bb7e2a456164e017e54dccb47d8d6648cf88ba06cc478c","first_seen":"2026-04-08T11:27:19.162053Z","last_seen":"2026-04-08T11:27:19.162053Z","times_seen":1,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396218\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-15T20:37:43.437579Z","times_seen":81690,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/favicon.ico","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647613\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:53 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Sat, 14 Mar 2026 13:11:42 GMT\r\netag: \"69b55e8e-10be\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"ea98a212366678c4e9d70aff98705211","sha1":"0426658063b62b396408fca453b4f9437fde7007","sha256":"b26f136a20c70b89b0b953d5cd901aabfae7030efce5a7752425445aff6c9adf","sha512":"a4610edb8ec0ad895292d459c9c6f7bee42045b73915c84abf07ce9fe3a5a3fa7bb8bcd7d4c2029f14ca3748ed4a49deb3d7f2f90d4e2b00eff66429ad9e6b1e","ssdeep":"24:sussf++5L9lLKhSeJmEUmEUmE0mE/0kKc4RxQVpRlC54T5/PRA87ss:w+5L9pmbJmfmfmnmXkZ4fQVpRlCuuWD","tlshash":"a191cbabb098d610df4f073a1147cae39531c477c0c84408a3ac6c46ba25a5a25bfeb3","first_seen":"2024-12-19T06:56:06.51588Z","last_seen":"2026-04-12T10:43:16.88958Z","times_seen":9,"resource_available":false,"data":null}},"time_used":891,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":890,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/all.min.css","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:00.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/all.min.css HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647613\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:59 GMT\r\ncontent-type: text/css\r\ncontent-length: 102025\r\nlast-modified: Sat, 14 Mar 2026 16:06:42 GMT\r\netag: \"69b58792-18e89\"\r\nexpires: Wed, 08 Apr 2026 23:26:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-04-15T20:40:26.407999Z","times_seen":43985,"resource_available":false,"data":null}},"time_used":910,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":683,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/zc.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:00.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/zc.js HTTP/1.1\r\nHost: www.jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:59 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 2374\r\nlast-modified: Tue, 31 Mar 2026 08:30:29 GMT\r\netag: \"69cb8625-946\"\r\nexpires: Wed, 08 Apr 2026 17:26:59 GMT\r\ncache-control: max-age=21600\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2374,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"249783f9a7236f63b3d6e286c82d308e","sha1":"8dba27587cefafb5b239db973efdd81f0b4fa37e","sha256":"0bac2ae6e123b7c80ecea1fba895c64429a74cf5ce8f2e848e57f80c109adb3b","sha512":"d7c9a2f7e81476bcf8eee7cefb5d6a66c89bc6315a09bc0885459f3671f5d58628ae7915dd178f68608aee4a0137b2f8cca75b9e5c6b5118992579c61585cd0f","ssdeep":"","tlshash":"3c4179ead8e05c849237b8708e4f7e2c70976429e656cd09b714cbf62e3597bc216548","first_seen":"2026-04-08T11:27:19.156141Z","last_seen":"2026-04-08T11:27:19.156141Z","times_seen":1,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396218\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-15T20:37:43.437579Z","times_seen":81690,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/bztzl/cptj.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:08.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /bztzl/cptj.js HTTP/1.1\r\nHost: www.jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:07 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 45242\r\nlast-modified: Tue, 31 Mar 2026 08:30:31 GMT\r\netag: \"69cb8627-b0ba\"\r\nexpires: Wed, 08 Apr 2026 17:27:07 GMT\r\ncache-control: max-age=21600\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"11aa92bed4df7a20d7591d42122c470d","sha1":"9c10512511d64245449941695095d69d275b19c2","sha256":"b86ee716217665142b98ffc376c3344aceab5108481fbe80a94c422407f72ef5","sha512":"52ebcab182a52c2c627914d5e0047513622db4c940e69788f24beebf92ab39a62afb30ebb47ffb30b52ba84a4bc7930b811f200c6c38ab9028d878b9da9bef9d","ssdeep":"768:aKXFiz4m8c3c8QuDvoh/Z7PZK9TKYRcuqHkGUCzNR:aK1i/P3c8QuDOB7QVKF/H7UUNR","tlshash":"c61361e0b38d912fdac17311957ee044f47fe936a2f898e9f58dd080786092a43b99f5","first_seen":"2025-10-12T14:11:32.660999Z","last_seen":"2026-04-08T11:27:19.161106Z","times_seen":7,"resource_available":true,"data":null}},"time_used":646,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":429,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1775647613\u0026rnd=1973997789\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=2\u0026sn=42340\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F\u0026tt=%E3%80%8Cpc28%E3%80%8D%E9%A2%84%E6%B5%8B-%E5%8A%A0%E6%8B%BF%E5%A4%A728%E5%9C%A8%E7%BA%BF%E9%A2%84%E6%B5%8B%E7%BD%91%7Cpc28%E7%99%BD%E9%A9%AC%E9%A2%84%E6%B5%8B-%E9%A3%9E%E9%A3%9E%E5%8A%A0%E6%8B%BF%E5%A4%A728%7CPC%E8%B5%B0%E5%8A%BF%E9%A2%84%E6%B5%8B","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"14.215.183.79","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1775647613\u0026rnd=1973997789\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=2\u0026sn=42340\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F\u0026tt=%E3%80%8Cpc28%E3%80%8D%E9%A2%84%E6%B5%8B-%E5%8A%A0%E6%8B%BF%E5%A4%A728%E5%9C%A8%E7%BA%BF%E9%A2%84%E6%B5%8B%E7%BD%91%7Cpc28%E7%99%BD%E9%A9%AC%E9%A2%84%E6%B5%8B-%E9%A3%9E%E9%A3%9E%E5%8A%A0%E6%8B%BF%E5%A4%A728%7CPC%E8%B5%B0%E5%8A%BF%E9%A2%84%E6%B5%8B HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 08 Apr 2026 11:27:09 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=0705CCDF3D0C8CA5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-15T20:38:01.364471Z","times_seen":335555,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gc-arpsc.org/","fqdn":"gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-08T11:26:50.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:50 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://www.gc-arpsc.org\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-15T20:38:47.575438Z","times_seen":13797803,"resource_available":true,"data":null}},"time_used":1301,"timings":{"blocked":527,"dns":54,"connect":229,"send":0,"wait":245,"receive":0,"ssl":242},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/main.js","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:00.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/main.js HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647613\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:59 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5839\r\nlast-modified: Tue, 31 Mar 2026 08:30:25 GMT\r\netag: \"69cb8621-16cf\"\r\nexpires: Wed, 08 Apr 2026 23:26:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5839,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"5eac8bd22d07bf5ba54e0abbbc93ada5","sha1":"b639333a8f53ac948491a1f9c8c604a10be64e25","sha256":"72dd267b28d5ef4f036666701955b0582ba4e48c033b2d7615b980c6bac08f5c","sha512":"ec257ae5e606e3521bb3788e5328afd1e813cb135620b29f091d7d67adfbbd63584df4a9b137ce6bbbe6345651a8de65b974e3255639aa4e39bde780a38567ba","ssdeep":"96:i/pRyWP8/FPkP586GG8KqzX+ZVUgQe6CoKViY9r0KtreXV5ViKZJZVVldexFSSsI:mRx8NP8R6UVDQRCoKVii0uSNiKZJZVr0","tlshash":"8ac1512664f33265417331f94b9f2284783510473509dd59be6e97c80f52e28bab3eea","first_seen":"2026-04-08T11:27:19.16794Z","last_seen":"2026-04-08T11:27:19.16794Z","times_seen":1,"resource_available":true,"data":null}},"time_used":908,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":907,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/favicon.ico","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:10.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647630\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:09 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Sat, 14 Mar 2026 13:11:42 GMT\r\netag: \"69b55e8e-10be\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"ea98a212366678c4e9d70aff98705211","sha1":"0426658063b62b396408fca453b4f9437fde7007","sha256":"b26f136a20c70b89b0b953d5cd901aabfae7030efce5a7752425445aff6c9adf","sha512":"a4610edb8ec0ad895292d459c9c6f7bee42045b73915c84abf07ce9fe3a5a3fa7bb8bcd7d4c2029f14ca3748ed4a49deb3d7f2f90d4e2b00eff66429ad9e6b1e","ssdeep":"24:sussf++5L9lLKhSeJmEUmEUmE0mE/0kKc4RxQVpRlC54T5/PRA87ss:w+5L9pmbJmfmfmnmXkZ4fQVpRlCuuWD","tlshash":"a191cbabb098d610df4f073a1147cae39531c477c0c84408a3ac6c46ba25a5a25bfeb3","first_seen":"2024-12-19T06:56:06.51588Z","last_seen":"2026-04-12T10:43:16.88958Z","times_seen":9,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=4CA22BC17D2C114A\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=7207%2C7207\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=164903237\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=1\u0026sn=42323\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=4CA22BC17D2C114A\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=7207%2C7207\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=164903237\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=1\u0026sn=42323\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 08 Apr 2026 11:27:01 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=AE0E4159B89B81BB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-15T20:38:01.364471Z","times_seen":335555,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396226\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-15T20:37:43.437579Z","times_seen":81690,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/zc.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:52.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/zc.js HTTP/1.1\r\nHost: www.jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:51 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 2374\r\nlast-modified: Tue, 31 Mar 2026 08:30:29 GMT\r\netag: \"69cb8625-946\"\r\nexpires: Wed, 08 Apr 2026 17:26:51 GMT\r\ncache-control: max-age=21600\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2374,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"249783f9a7236f63b3d6e286c82d308e","sha1":"8dba27587cefafb5b239db973efdd81f0b4fa37e","sha256":"0bac2ae6e123b7c80ecea1fba895c64429a74cf5ce8f2e848e57f80c109adb3b","sha512":"d7c9a2f7e81476bcf8eee7cefb5d6a66c89bc6315a09bc0885459f3671f5d58628ae7915dd178f68608aee4a0137b2f8cca75b9e5c6b5118992579c61585cd0f","ssdeep":"","tlshash":"3c4179ead8e05c849237b8708e4f7e2c70976429e656cd09b714cbf62e3597bc216548","first_seen":"2026-04-08T11:27:19.156141Z","last_seen":"2026-04-08T11:27:19.156141Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1575,"timings":{"blocked":469,"dns":1,"connect":229,"send":0,"wait":626,"receive":0,"ssl":246},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/jh.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:00.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/jh.js HTTP/1.1\r\nHost: www.jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:59 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5852\r\nlast-modified: Tue, 31 Mar 2026 08:30:29 GMT\r\netag: \"69cb8625-16dc\"\r\nexpires: Wed, 08 Apr 2026 17:26:59 GMT\r\ncache-control: max-age=21600\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5852,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4900a0e84d061110c04c2866cd705125","sha1":"9e806ebdfd564fc919b7873dd6ac0f456c4b8771","sha256":"edee38d03cec5cba48757216affe7729353d42987613287be56db8738d452445","sha512":"c1cd7d20695e882b0a4fb17f0c8f26e0a28732a0c3d3588738062326803f736555d140375980fe374bcdcd3a713eef97c6c0a91f5bc21c04849f4c4ab82ec376","ssdeep":"96:QFlH8kmAkpVAQ9xYvKwbbqNJ88TiRlli0hqFIfBQ7ZgQfB+:QFt8kmzfpyvKwbbqNJ888Hi0hqFF+QY","tlshash":"90c1b87579b51029307bb2bc5beb435a31a98107d882dd08befc92b45fd5c014ab76c5","first_seen":"2026-04-08T11:27:19.16898Z","last_seen":"2026-04-08T11:27:19.16898Z","times_seen":1,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Orbitron:wght@400;500;700;900\u0026family=Roboto:wght@300;400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Orbitron:wght@400;500;700;900\u0026family=Roboto:wght@300;400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 08 Apr 2026 11:27:01 GMT\r\ndate: Wed, 08 Apr 2026 11:27:01 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23968,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"8b3541cfe290d8261c56579cdcfe58c1","sha1":"1bc85406c79d74b1082e7df99cd29a8efe6c69c4","sha256":"d91334ec0289b9c5051aa5a1851b75248653eefcd2d0f679604458dbf6c1a0de","sha512":"e43afc7beeaa6fa25902364976f1d8560de7f53419d9128fc347cc020ecccf9a6fd7c08d1ae037aa7a9188811c193517c692754758154f9e6cceb1161a2aa5e9","ssdeep":"384:y9f59g9P9r9yU9/qY4+949Y9p9fM919W969yh9/qY4X9N9t9i9fD9O9d9B9ya9/U:yDS99YURRuWDyjooYhREHPM5svvYaR78","tlshash":"c2b21e91041744009b834ce223cebf35fe1f92117142d0b9abfd9b6baddbca6526936d","first_seen":"2026-04-08T11:27:19.157172Z","last_seen":"2026-04-08T11:27:19.157172Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsjsjs.vip/jh/code.png","fqdn":"jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/code.png HTTP/1.1\r\nHost: jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 7559\r\nlast-modified: Mon, 18 Aug 2025 11:10:03 GMT\r\netag: \"68a30a0b-1d87\"\r\nexpires: Thu, 09 Apr 2026 11:27:00 GMT\r\ncache-control: max-age=86400\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7559,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"562120ba230a3ffaadda9ac60e9e13c6","sha1":"d6d0acf09c451a92e09626a27bcd6f324e57a313","sha256":"89d9345d065581c6330bed1e01a0644519cee56943c7a0c4d6a18bc8c7883c72","sha512":"1c903784b305bcf11dbcaa088af07bba0f9fd19dcd94d87136c616c711399dcfe80396c96fcb0c22d02071bae0a2e786128743060b42f1740ed927a3bd7ea214","ssdeep":"192:pSalbqH5Jh7HbWiu0FoAj1UToW21l8RZbeCErY6C7PCvS:QOqH5n7k0uABUTo58reeD7SS","tlshash":"08f1a0c322dd3efc552a85b713867dc2b4d6668c7291b19b6a31e44cfc32af0d406259","first_seen":"2025-07-19T06:17:35.59498Z","last_seen":"2026-04-15T07:27:08.509037Z","times_seen":54,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-08T11:27:08.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647621\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:07 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (589)","md5":"5b6577cfab1e6d541a249ed763c2c5d0","sha1":"3ed278dc203afb19965598517cdc9a7425357890","sha256":"096b8044ea536ccddb1ebdd8a907b4cc18a2830803c5fd02ef335f46f072f993","sha512":"86a1442fff7657c37f54e8eff971465f5c755d2b35b657d375b55cc6b8170e7bd6207acc85cdc518f1d78d998d9926d24df7912171708ac30a5564600498e77e","ssdeep":"192:VtUtyubbBJJD8fcJ8oMK0muK6KbAqKWLdsAKmRKYNo+++st/o0KzqCK6mKvRGKTE:7ubbBJJD8fcJLyUjwAZquJnDubIHM97x","tlshash":"ff821f53f6f5316a3023809d9d68bf1b6dc17263a3664e05349e1bfb9f04ee52443a2b","first_seen":"2026-04-08T11:27:19.160185Z","last_seen":"2026-04-08T11:27:19.160185Z","times_seen":1,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=4CA22BC17D2C114A\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=7280%2C7280\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1775647613\u0026rnd=1158963545\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=2\u0026sn=42331\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:08.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=4CA22BC17D2C114A\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=7280%2C7280\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1775647613\u0026rnd=1158963545\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=2\u0026sn=42331\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 08 Apr 2026 11:27:08 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=1AF891C6589FD201; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-15T20:38:01.364471Z","times_seen":335555,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=4CA22BC17D2C114A\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=7280%2C7280\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1775647613\u0026rnd=1158963545\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=2\u0026sn=42331\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.3.198","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=4CA22BC17D2C114A\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=7280%2C7280\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1775647613\u0026rnd=1158963545\u0026si=ba208c54371f9e882dde0449821c64d8\u0026v=1.3.0\u0026lv=2\u0026sn=42331\u0026r=0\u0026ww=1280\u0026u=www.gc-arpsc.org.51.la%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 08 Apr 2026 11:27:09 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=869B684C525B612E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-15T20:38:01.364471Z","times_seen":335555,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/main.js","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:52.079Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/main.js HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:51 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5839\r\nlast-modified: Tue, 31 Mar 2026 08:30:25 GMT\r\netag: \"69cb8621-16cf\"\r\nexpires: Wed, 08 Apr 2026 23:26:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5839,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"5eac8bd22d07bf5ba54e0abbbc93ada5","sha1":"b639333a8f53ac948491a1f9c8c604a10be64e25","sha256":"72dd267b28d5ef4f036666701955b0582ba4e48c033b2d7615b980c6bac08f5c","sha512":"ec257ae5e606e3521bb3788e5328afd1e813cb135620b29f091d7d67adfbbd63584df4a9b137ce6bbbe6345651a8de65b974e3255639aa4e39bde780a38567ba","ssdeep":"96:i/pRyWP8/FPkP586GG8KqzX+ZVUgQe6CoKViY9r0KtreXV5ViKZJZVVldexFSSsI:mRx8NP8R6UVDQRCoKVii0uSNiKZJZVr0","tlshash":"8ac1512664f33265417331f94b9f2284783510473509dd59be6e97c80f52e28bab3eea","first_seen":"2026-04-08T11:27:19.16794Z","last_seen":"2026-04-08T11:27:19.16794Z","times_seen":1,"resource_available":true,"data":null}},"time_used":900,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":899,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jsjsjs.vip/jh/touzhu.png","fqdn":"jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/touzhu.png HTTP/1.1\r\nHost: jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 4631\r\nlast-modified: Mon, 18 Aug 2025 11:09:35 GMT\r\netag: \"68a309ef-1217\"\r\nexpires: Thu, 09 Apr 2026 11:27:00 GMT\r\ncache-control: max-age=86400\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4631,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 121 x 121, 8-bit colormap, non-interlaced","md5":"e19bf83282a1c7da5523784dc3a963a2","sha1":"6936d5f744e9bcad6c7e7aaaba1e4429612f2ab3","sha256":"c4334f6ef819387a6365089d6157c68eeb7cb38fb7317f0107a357a696da6616","sha512":"c8e54b9cd595a10d4d3ae6ae1e2252a480180d4b3dfe012471800752e73a67a6a5eb5da02a5e3a956d745a9c26cb7aeae48f89befb3f277c5cad1b2c5a0b322e","ssdeep":"96:4EalVQ3T1r1DjbVAI9+o3i7jLwAzFTeizM8J4Q:7asnHb4jLNheiA8h","tlshash":"82a17eb353612de8edd4adb935f96b22883442ac575f726105906cec3258b9424c31bf","first_seen":"2025-07-19T06:17:35.595843Z","last_seen":"2026-04-15T07:27:08.506863Z","times_seen":83,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/webfonts/fa-solid-900.ttf","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/webfonts/fa-solid-900.ttf HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/public/cqyzysp/files/all.min.css\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647621\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2019,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"c15b93cfa706e4015260e0a69fa4b6c7","sha1":"d1101789826dd774b6ed712bc4cbf660174d3bed","sha256":"d531d34a537ca7ea08a8f7686e29ca5ffdeb7032498e4df108c0855b2f163fdc","sha512":"923e63fdf0ecbeb49c9c6847106ea79a90c5c7fa8c4f3bac12936c64a810f3b972ea0f28a050bd288bb8b9c2c5bac2b7d06900444601fee83fd03ca435da7af6","ssdeep":"","tlshash":"f641981459858d0f803319f47673c75c7a2e11c39f6199b9ad912177eb4dd238e233a8","first_seen":"2026-04-08T11:27:19.158836Z","last_seen":"2026-04-08T11:27:19.158836Z","times_seen":1,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/all.min.css","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:08.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/all.min.css HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647621\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:07 GMT\r\ncontent-type: text/css\r\ncontent-length: 102025\r\nlast-modified: Sat, 14 Mar 2026 16:06:42 GMT\r\netag: \"69b58792-18e89\"\r\nexpires: Wed, 08 Apr 2026 23:27:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-04-15T20:40:26.407999Z","times_seen":43985,"resource_available":false,"data":null}},"time_used":904,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":677,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-08T11:27:00.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647613\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (589)","md5":"5b6577cfab1e6d541a249ed763c2c5d0","sha1":"3ed278dc203afb19965598517cdc9a7425357890","sha256":"096b8044ea536ccddb1ebdd8a907b4cc18a2830803c5fd02ef335f46f072f993","sha512":"86a1442fff7657c37f54e8eff971465f5c755d2b35b657d375b55cc6b8170e7bd6207acc85cdc518f1d78d998d9926d24df7912171708ac30a5564600498e77e","ssdeep":"192:VtUtyubbBJJD8fcJ8oMK0muK6KbAqKWLdsAKmRKYNo+++st/o0KzqCK6mKvRGKTE:7ubbBJJD8fcJLyUjwAZquJnDubIHM97x","tlshash":"ff821f53f6f5316a3023809d9d68bf1b6dc17263a3664e05349e1bfb9f04ee52443a2b","first_seen":"2026-04-08T11:27:19.160185Z","last_seen":"2026-04-08T11:27:19.160185Z","times_seen":1,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11800\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:57:34 GMT\r\nexpires: Sun, 04 Apr 2027 01:57:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 379767\r\nlast-modified: Thu, 04 Sep 2025 17:04:39 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11800,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11800, version 1.0","md5":"5d281085f7277a3ec9c7586dd2f24a13","sha1":"d686c7f2bfeb693a91baf3aaa3b6e70aa1a5bcc3","sha256":"c25a9f9da5d9f3db1bf2a01474722dc9b377675b7bbab6d0dfda6902794fd1ed","sha512":"7a31ed0d967a47d8f6135b5889c2af595b1ed3993ee3e2e2f522875e6384773b1f9f96ac891c068599580a543001443b1a1d565563a13010d40e1dbac4142220","ssdeep":"192:oufNGqi8O6lHWqR+OVLlB2AynsvBhJo/WO9UrApcn4UwLqJhPCGSlkeLlM:vCjKBBB250BhJol9UB48SeeBM","tlshash":"fc32c067623046e2fc22b53001fc4500466865bfd140f1bfd66349e7766e9606eb2a3e","first_seen":"2025-06-03T09:08:22.59014Z","last_seen":"2026-04-15T20:27:56.814688Z","times_seen":3639,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396218\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-15T20:37:43.437579Z","times_seen":81690,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11800\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:57:34 GMT\r\nexpires: Sun, 04 Apr 2027 01:57:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 379775\r\nlast-modified: Thu, 04 Sep 2025 17:04:39 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11800,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11800, version 1.0","md5":"5d281085f7277a3ec9c7586dd2f24a13","sha1":"d686c7f2bfeb693a91baf3aaa3b6e70aa1a5bcc3","sha256":"c25a9f9da5d9f3db1bf2a01474722dc9b377675b7bbab6d0dfda6902794fd1ed","sha512":"7a31ed0d967a47d8f6135b5889c2af595b1ed3993ee3e2e2f522875e6384773b1f9f96ac891c068599580a543001443b1a1d565563a13010d40e1dbac4142220","ssdeep":"192:oufNGqi8O6lHWqR+OVLlB2AynsvBhJo/WO9UrApcn4UwLqJhPCGSlkeLlM:vCjKBBB250BhJol9UB48SeeBM","tlshash":"fc32c067623046e2fc22b53001fc4500466865bfd140f1bfd66349e7766e9606eb2a3e","first_seen":"2025-06-03T09:08:22.59014Z","last_seen":"2026-04-15T20:27:56.814688Z","times_seen":3639,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/style.css","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:52.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/style.css HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:51 GMT\r\ncontent-type: text/css\r\ncontent-length: 66892\r\nlast-modified: Sat, 14 Mar 2026 16:06:44 GMT\r\netag: \"69b58794-1054c\"\r\nexpires: Wed, 08 Apr 2026 23:26:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":66892,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"48ae7db7c169bc751c7143b3820235ae","sha1":"0b2a72bd30dd65a1aa2897a024aa8c62936cbca2","sha256":"1a17c08171ea42821be60b0290c628bf2bc999eac4a424d0d503197382f28135","sha512":"f7b7e5d6d28682f7a01e1223a274caff5086242149c1ab2b2ba11ede28072bbfc775fcedabdddaf4d758f0eacfd2baddfb0cd8b5a75eb6cd5b7ad88182624cdd","ssdeep":"1536:YdQ7rh5+s/HUSMbmE9Klt+qWtsVtjGyDT98Kmm6cBd+wZQ:Z7rCt6E9dqmsVtjx9bmm6cBd+wZQ","tlshash":"bf63109156b31955742fa5191ffbc788735ca083844dcbbe7b8d225c8f8d2f8a062e8c","first_seen":"2026-04-08T11:27:19.165099Z","last_seen":"2026-04-08T11:27:19.165099Z","times_seen":1,"resource_available":false,"data":null}},"time_used":682,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":454,"receive":228,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/jh.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:08.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/jh.js HTTP/1.1\r\nHost: www.jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:07 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5852\r\nlast-modified: Tue, 31 Mar 2026 08:30:29 GMT\r\netag: \"69cb8625-16dc\"\r\nexpires: Wed, 08 Apr 2026 17:27:07 GMT\r\ncache-control: max-age=21600\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5852,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4900a0e84d061110c04c2866cd705125","sha1":"9e806ebdfd564fc919b7873dd6ac0f456c4b8771","sha256":"edee38d03cec5cba48757216affe7729353d42987613287be56db8738d452445","sha512":"c1cd7d20695e882b0a4fb17f0c8f26e0a28732a0c3d3588738062326803f736555d140375980fe374bcdcd3a713eef97c6c0a91f5bc21c04849f4c4ab82ec376","ssdeep":"96:QFlH8kmAkpVAQ9xYvKwbbqNJ88TiRlli0hqFIfBQ7ZgQfB+:QFt8kmzfpyvKwbbqNJ888Hi0hqFF+QY","tlshash":"90c1b87579b51029307bb2bc5beb435a31a98107d882dd08befc92b45fd5c014ab76c5","first_seen":"2026-04-08T11:27:19.16898Z","last_seen":"2026-04-08T11:27:19.16898Z","times_seen":1,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/main.js","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:08.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/main.js HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647621\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:07 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5839\r\nlast-modified: Tue, 31 Mar 2026 08:30:25 GMT\r\netag: \"69cb8621-16cf\"\r\nexpires: Wed, 08 Apr 2026 23:27:07 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5839,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"5eac8bd22d07bf5ba54e0abbbc93ada5","sha1":"b639333a8f53ac948491a1f9c8c604a10be64e25","sha256":"72dd267b28d5ef4f036666701955b0582ba4e48c033b2d7615b980c6bac08f5c","sha512":"ec257ae5e606e3521bb3788e5328afd1e813cb135620b29f091d7d67adfbbd63584df4a9b137ce6bbbe6345651a8de65b974e3255639aa4e39bde780a38567ba","ssdeep":"96:i/pRyWP8/FPkP586GG8KqzX+ZVUgQe6CoKViY9r0KtreXV5ViKZJZVVldexFSSsI:mRx8NP8R6UVDQRCoKVii0uSNiKZJZVr0","tlshash":"8ac1512664f33265417331f94b9f2284783510473509dd59be6e97c80f52e28bab3eea","first_seen":"2026-04-08T11:27:19.16794Z","last_seen":"2026-04-08T11:27:19.16794Z","times_seen":1,"resource_available":true,"data":null}},"time_used":901,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":901,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/webfonts/fa-solid-900.woff2","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/public/cqyzysp/files/all.min.css\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647621\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2019,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"c15b93cfa706e4015260e0a69fa4b6c7","sha1":"d1101789826dd774b6ed712bc4cbf660174d3bed","sha256":"d531d34a537ca7ea08a8f7686e29ca5ffdeb7032498e4df108c0855b2f163fdc","sha512":"923e63fdf0ecbeb49c9c6847106ea79a90c5c7fa8c4f3bac12936c64a810f3b972ea0f28a050bd288bb8b9c2c5bac2b7d06900444601fee83fd03ca435da7af6","ssdeep":"","tlshash":"f641981459858d0f803319f47673c75c7a2e11c39f6199b9ad912177eb4dd238e233a8","first_seen":"2026-04-08T11:27:19.158836Z","last_seen":"2026-04-08T11:27:19.158836Z","times_seen":1,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/all.min.css","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:52.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/all.min.css HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:51 GMT\r\ncontent-type: text/css\r\ncontent-length: 102025\r\nlast-modified: Sat, 14 Mar 2026 16:06:42 GMT\r\netag: \"69b58792-18e89\"\r\nexpires: Wed, 08 Apr 2026 23:26:51 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-04-15T20:40:26.407999Z","times_seen":43985,"resource_available":false,"data":null}},"time_used":911,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":684,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396210\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-15T20:37:43.437579Z","times_seen":81690,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":114,"dns":0,"connect":20,"send":0,"wait":8,"receive":2,"ssl":94},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/bztzl/cptj.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:00.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /bztzl/cptj.js HTTP/1.1\r\nHost: www.jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:59 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 45242\r\nlast-modified: Tue, 31 Mar 2026 08:30:31 GMT\r\netag: \"69cb8627-b0ba\"\r\nexpires: Wed, 08 Apr 2026 17:26:59 GMT\r\ncache-control: max-age=21600\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"11aa92bed4df7a20d7591d42122c470d","sha1":"9c10512511d64245449941695095d69d275b19c2","sha256":"b86ee716217665142b98ffc376c3344aceab5108481fbe80a94c422407f72ef5","sha512":"52ebcab182a52c2c627914d5e0047513622db4c940e69788f24beebf92ab39a62afb30ebb47ffb30b52ba84a4bc7930b811f200c6c38ab9028d878b9da9bef9d","ssdeep":"768:aKXFiz4m8c3c8QuDvoh/Z7PZK9TKYRcuqHkGUCzNR:aK1i/P3c8QuDOB7QVKF/H7UUNR","tlshash":"c61361e0b38d912fdac17311957ee044f47fe936a2f898e9f58dd080786092a43b99f5","first_seen":"2025-10-12T14:11:32.660999Z","last_seen":"2026-04-08T11:27:19.161106Z","times_seen":7,"resource_available":true,"data":null}},"time_used":645,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":428,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/webfonts/fa-solid-900.woff2","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:01.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/public/cqyzysp/files/all.min.css\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647613\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":2019,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"c15b93cfa706e4015260e0a69fa4b6c7","sha1":"d1101789826dd774b6ed712bc4cbf660174d3bed","sha256":"d531d34a537ca7ea08a8f7686e29ca5ffdeb7032498e4df108c0855b2f163fdc","sha512":"923e63fdf0ecbeb49c9c6847106ea79a90c5c7fa8c4f3bac12936c64a810f3b972ea0f28a050bd288bb8b9c2c5bac2b7d06900444601fee83fd03ca435da7af6","ssdeep":"","tlshash":"f641981459858d0f803319f47673c75c7a2e11c39f6199b9ad912177eb4dd238e233a8","first_seen":"2026-04-08T11:27:19.158836Z","last_seen":"2026-04-08T11:27:19.158836Z","times_seen":1,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/files/mobile.css","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/files/mobile.css HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647621\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 1854\r\nlast-modified: Sat, 14 Mar 2026 16:06:44 GMT\r\netag: \"69b58794-73e\"\r\nexpires: Wed, 08 Apr 2026 23:27:08 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1854,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"73f47a83f0220c492030da319e934a38","sha1":"dc978efcd6d273bb3d874372cf3414a804db424c","sha256":"5ca086364f8f48bedce044bf3674a2b1b9c342bd9141595b3247b42e5d776fa9","sha512":"5ac7a9ff9eb554402300d8c4bc05594b63653a16f560804bfdd08a85970069462a19e7f09a488f8c10b9afb646d34e68eb8bd6b1939a3c28aa9e86b90f282b6a","ssdeep":"","tlshash":"6731355f3ae33105ad57b839bb7e2a456164e017e54dccb47d8d6648cf88ba06cc478c","first_seen":"2026-04-08T11:27:19.162053Z","last_seen":"2026-04-08T11:27:19.162053Z","times_seen":1,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 396226\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-15T20:37:43.437579Z","times_seen":81690,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jsjsjs.vip/jh/code.png","fqdn":"jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:27:09.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/code.png HTTP/1.1\r\nHost: jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:27:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 7559\r\nlast-modified: Mon, 18 Aug 2025 11:10:03 GMT\r\netag: \"68a30a0b-1d87\"\r\nexpires: Thu, 09 Apr 2026 11:27:08 GMT\r\ncache-control: max-age=86400\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7559,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"562120ba230a3ffaadda9ac60e9e13c6","sha1":"d6d0acf09c451a92e09626a27bcd6f324e57a313","sha256":"89d9345d065581c6330bed1e01a0644519cee56943c7a0c4d6a18bc8c7883c72","sha512":"1c903784b305bcf11dbcaa088af07bba0f9fd19dcd94d87136c616c711399dcfe80396c96fcb0c22d02071bae0a2e786128743060b42f1740ed927a3bd7ea214","ssdeep":"192:pSalbqH5Jh7HbWiu0FoAj1UToW21l8RZbeCErY6C7PCvS:QOqH5n7k0uABUTo58reeD7SS","tlshash":"08f1a0c322dd3efc552a85b713867dc2b4d6668c7291b19b6a31e44cfc32af0d406259","first_seen":"2025-07-19T06:17:35.59498Z","last_seen":"2026-04-15T07:27:08.509037Z","times_seen":54,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jsjsjs.vip/jh/jh.js","fqdn":"www.jsjsjs.vip","domain":"jsjsjs.vip","tld":"vip"},"ip":{"addr":"103.48.133.35","port":443,"asn":138415,"as":"Yancy Limited","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:52.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.jsjsjs.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 03:02:41 GMT","end":"Mon, 15 Jun 2026 03:02:40 GMT"},"fingerprint":{"sha1":"51:99:81:32:FC:0D:DB:AA:74:CB:9F:B8:17:B0:D7:4A:E5:A1:0E:7C","sha256":"40:3D:4C:43:1D:86:BC:97:E4:A9:95:F6:F1:AC:3B:E5:4E:16:C5:07:F5:93:D7:B0:76:E4:10:1C:DE:80:9E:D7"}}},"request":{"raw":"GET /jh/jh.js HTTP/1.1\r\nHost: www.jsjsjs.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:51 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5852\r\nlast-modified: Tue, 31 Mar 2026 08:30:29 GMT\r\netag: \"69cb8625-16dc\"\r\nexpires: Wed, 08 Apr 2026 17:26:51 GMT\r\ncache-control: max-age=21600\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5852,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4900a0e84d061110c04c2866cd705125","sha1":"9e806ebdfd564fc919b7873dd6ac0f456c4b8771","sha256":"edee38d03cec5cba48757216affe7729353d42987613287be56db8738d452445","sha512":"c1cd7d20695e882b0a4fb17f0c8f26e0a28732a0c3d3588738062326803f736555d140375980fe374bcdcd3a713eef97c6c0a91f5bc21c04849f4c4ab82ec376","ssdeep":"96:QFlH8kmAkpVAQ9xYvKwbbqNJ88TiRlli0hqFIfBQ7ZgQfB+:QFt8kmzfpyvKwbbqNJ888Hi0hqFF+QY","tlshash":"90c1b87579b51029307bb2bc5beb435a31a98107d882dd08befc92b45fd5c014ab76c5","first_seen":"2026-04-08T11:27:19.16898Z","last_seen":"2026-04-08T11:27:19.16898Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1579,"timings":{"blocked":473,"dns":0,"connect":226,"send":0,"wait":624,"receive":0,"ssl":253},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy0.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.gc-arpsc.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11800\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:57:34 GMT\r\nexpires: Sun, 04 Apr 2027 01:57:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 379759\r\nlast-modified: Thu, 04 Sep 2025 17:04:39 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11800,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11800, version 1.0","md5":"5d281085f7277a3ec9c7586dd2f24a13","sha1":"d686c7f2bfeb693a91baf3aaa3b6e70aa1a5bcc3","sha256":"c25a9f9da5d9f3db1bf2a01474722dc9b377675b7bbab6d0dfda6902794fd1ed","sha512":"7a31ed0d967a47d8f6135b5889c2af595b1ed3993ee3e2e2f522875e6384773b1f9f96ac891c068599580a543001443b1a1d565563a13010d40e1dbac4142220","ssdeep":"192:oufNGqi8O6lHWqR+OVLlB2AynsvBhJo/WO9UrApcn4UwLqJhPCGSlkeLlM:vCjKBBB250BhJol9UB48SeeBM","tlshash":"fc32c067623046e2fc22b53001fc4500466865bfd140f1bfd66349e7766e9606eb2a3e","first_seen":"2025-06-03T09:08:22.59014Z","last_seen":"2026-04-15T20:27:56.814688Z","times_seen":3639,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":86,"dns":0,"connect":7,"send":0,"wait":8,"receive":1,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gc-arpsc.org/public/cqyzysp/webfonts/fa-solid-900.ttf","fqdn":"www.gc-arpsc.org","domain":"gc-arpsc.org","tld":"org"},"ip":{"addr":"156.234.14.209","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.gc-arpsc.org/","date":"2026-04-08T11:26:53.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.yimei666.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 07:26:03 GMT","end":"Fri, 19 Jun 2026 07:26:02 GMT"},"fingerprint":{"sha1":"2F:DB:97:C4:64:2C:E8:CC:ED:AB:47:35:46:36:60:96:2A:98:38:AD","sha256":"BE:0C:96:9C:C4:3C:93:A9:27:8B:7E:CB:82:8F:44:00:F8:54:21:DC:E3:C8:B6:8A:98:59:49:BA:7F:22:85:17"}}},"request":{"raw":"GET /public/cqyzysp/webfonts/fa-solid-900.ttf HTTP/1.1\r\nHost: www.gc-arpsc.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gc-arpsc.org/public/cqyzysp/files/all.min.css\r\nCookie: Hm_lvt_ba208c54371f9e882dde0449821c64d8=1775647613; Hm_lpvt_ba208c54371f9e882dde0449821c64d8=1775647613\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 08 Apr 2026 11:26:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2019,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"c15b93cfa706e4015260e0a69fa4b6c7","sha1":"d1101789826dd774b6ed712bc4cbf660174d3bed","sha256":"d531d34a537ca7ea08a8f7686e29ca5ffdeb7032498e4df108c0855b2f163fdc","sha512":"923e63fdf0ecbeb49c9c6847106ea79a90c5c7fa8c4f3bac12936c64a810f3b972ea0f28a050bd288bb8b9c2c5bac2b7d06900444601fee83fd03ca435da7af6","ssdeep":"","tlshash":"f641981459858d0f803319f47673c75c7a2e11c39f6199b9ad912177eb4dd238e233a8","first_seen":"2026-04-08T11:27:19.158836Z","last_seen":"2026-04-08T11:27:19.158836Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-08","alert":"Sinkholed","trigger":"www.gc-arpsc.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}