{"report_id":"e598b43e-0ec5-457b-be50-667dc0b964e0","version":6,"status":"done","tags":[],"date":"2026-03-19T08:59:04Z","url":{"schema":"http","addr":"gzjph.com/","fqdn":"gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":0,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"www.gzjph.com/","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"title":"保定电杆生产厂家-提供水泥,预应力电线杆定制批发-保定市九游会水泥制品有限公司","dom":{"size":5793,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1373)","md5":"15c8897b2753a3e35535651e1c3bb731","sha1":"65315aa8b969a0ac2fedf0cdc2cf7f3e7c468eff","sha256":"824c107dde02a1f29e9bdeb4c50de84ab43915011d736aca2de46c87ad724714","sha512":"10fde71535671870fc1d1206fb3d9381e90826e11f324fc0ab6424ace52ff7d3ef71c7ec459879ad89b82f993ae6425557c003977ac306d10ad3e472c73db6c4","ssdeep":"96:PdEPsuK4gDuItGi7gDuItIx2PBpxwWNL3QQt8bPuqqMrIj:KME2x25vwW1AQt8bPuq3+","tlshash":"fcc1d847910acf1f66158054bdd5f406889de923d26049e8e2ce4b8f4ee3ba9d273e27","dom_hash":"domhash7e2ffd101a8c605b2f4611a8aeeab70f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gzjph.com/","fqdn":"gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":0,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-23T08:59:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.gzjph.com","ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-01-10","domain_rank":0,"first_seen":"2026-03-01T10:22:32.356155Z","last_seen":"2026-03-01T10:22:32.356155Z","alert_count":36,"request_count":18,"received_data":363863,"sent_data":8424,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"RequireJS","description":"RequireJS is a JavaScript library and file loader which manages the dependencies between JavaScript files and in modular programming.","website":"https://requirejs.org","common_platform_enumeration":"","icon":"RequireJS.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"omo-oss-image1.thefastimg.com","ip":{"addr":"43.159.94.129","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2021-04-27","domain_rank":2778310,"first_seen":"2022-11-07T14:24:03Z","last_seen":"2026-03-14T00:48:26.823658Z","alert_count":0,"request_count":4,"received_data":470103,"sent_data":2088,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"gzjph.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-01-10","domain_rank":0,"first_seen":"2026-03-19T08:59:04.472357Z","last_seen":"2026-03-19T08:59:04.472357Z","alert_count":4,"request_count":2,"received_data":73644,"sent_data":872,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"zz.bdstatic.com","ip":{"addr":"157.255.63.48","port":443,"asn":136958,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"domain_registered":"2011-12-26","domain_rank":365334,"first_seen":"2017-01-30T07:45:48Z","last_seen":"2026-03-18T17:50:12.537818Z","alert_count":0,"request_count":1,"received_data":766,"sent_data":420,"comment":"","tags":null,"fingerprints":null},{"fqdn":"sp0.baidu.com","ip":{"addr":"103.235.46.102","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"domain_registered":"1999-10-11","domain_rank":220073,"first_seen":"2014-12-05T23:12:12Z","last_seen":"2026-03-18T17:50:12.501569Z","alert_count":0,"request_count":1,"received_data":116,"sent_data":478,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.gzjph.com/","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"83d9d9e3f711e7ce8a892f848a931d7e","sha1":"3eb400f7b18dd5506c117fb24b11c7146b551889","sha256":"c2a4bb034550647135570671883f29fb69b913156114d10a47e25b2b497f8109","sha512":"0610170be76fa356c736d9b54255d6f6c30f42c2b988c6bc192f8121f09ecb1adf8a2745b32a56bd19ab1dc1adad826609cd3e955698190e700a029e0930fbce","ssdeep":"48:KtFEpxRc7gDinItFgB4FxompoImYpIm7HNBRqYv5wLAy+aTyN8Ykqrb2DhlQFh5F:KtGi7gDuItlxZpBpxwWNL3QQt8bPI","tlshash":"d981d542910adf57aa5981947dc5f402884de423c3904aa8e6ce4f4f4ee3bb99333d16","size":4178,"data":"","first_seen":"2026-03-01T10:22:37.528487Z","last_seen":"2026-03-19T08:59:08.099215Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"56d8cea59c70c228aec4caa505e9e80c","sha1":"08c0b0285635e3e4e261bd5e413bfcafc07e0e2b","sha256":"e46e3e1dd6611a878cb2600dcea50e0c8f04a972f288ced9c8679a020a7965fc","sha512":"8d008cc0101d3dfe15c5b628af10d630aecdf64fa295525457501a7ff6d580e017d0acd26f2ccb810b9d6a18a50eb0b7124dae48591dee3f37cedf826aa86f2c","ssdeep":"","tlshash":"01118c1ee290562191ea8499ace5cd993570227319491b02b85cc4372970fd524febac","size":884,"data":"","first_seen":"2026-03-19T08:59:08.101273Z","last_seen":"2026-03-19T08:59:08.101273Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/2f0fc1df2d3ce7db5c6061fd5b5df9c1.js","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"92a44b2fb2a29653c83fbb5155050911","sha1":"4c256f063b4d0e13a4f23760a4bb24c7dd8e4e4a","sha256":"52efe585eebc0e03be68ca5b7a31e03396d3849ba34fe920396095c23011da72","sha512":"ee0dc27b9eb5ed98bfefa2a90c7e8ccd2c61e4a058e614580cb04e687d204277216b8a7e451537ac5e6c3139a03660c363cd737f370adcb5015a3881a1456c7a","ssdeep":"384:lju5Yvc5I8dY1MNYDD+EXggAp0efmF7XqO8sfsrJIkX+Db5y:ob5NY19kr0efmMOlfsJIkX7","tlshash":"62c2f8cdb6b0641a636bb07c1d6f950831322807b88c8825bd8d56e06fd1d7ec5e7be9","size":26280,"data":"","first_seen":"2026-03-01T10:22:37.519144Z","last_seen":"2026-03-19T08:59:08.094266Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"91862680df880ab56f799547b01a5900","sha1":"bd184fe6e0e046873c1a606c89ce2d3eed4b689f","sha256":"6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2","sha512":"2afcf14c790e641a87b98e38359cf558cfd65bd51174ceeafc39acb3af36f21260923b565009018ee7f283c1a911aa6427258f3defddeebb4df9c7a920bf30a8","ssdeep":"","tlshash":"ace02b6e9cb706b43a5114ba452fa818f1ea512f1044d402754cfc014f20da74b1dae4","size":404,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-06-07T06:34:38.441253Z","times_seen":15078,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zz.bdstatic.com/linksubmit/push.js","fqdn":"zz.bdstatic.com","domain":"bdstatic.com","tld":"com"},"ip":{"addr":"157.255.63.48","port":443,"asn":136958,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9fc52ab67f035b8baf5d558714cc94d","sha1":"37062a6fb1ef410d496137d44275738ae743c747","sha256":"c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212","sha512":"ebb0415852fbb5b964094e2e55a28b90f701dff1977c8b98c6f24d65d09067dc0c417d01492ca28a4be6747816d7c0bfac87b73a33725aee047a5d2f7ab83182","ssdeep":"","tlshash":"11e0cde86054c01c0dcb107135bb324ce7771d675a645545c04d9445396cb1f8247fe9","size":308,"data":"","first_seen":"2023-03-07T01:18:58Z","last_seen":"2026-06-07T08:15:36.952989Z","times_seen":23338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"8cb5190838a8453ea839218538d33f9b","sha1":"5e84ca901673b84e2aaead5de7bf7b73c51c826d","sha256":"d37668617e017a3c669da4e1f60f1ff3432cd68ef163e4c0135f04d9566403e4","sha512":"c080cc14034f9d2f9cfaf54ecd931b26e9de5d53a27954a97b08b337d8d857ea03eba5d163b6c0ba92df75d6b71d3e7dc38f3989191e032a53f448f1cd4f748c","ssdeep":"","tlshash":"bc9002d634c2102499572954051799b5313814b01448484090c0ada178e1220531555c","size":50,"data":"","first_seen":"2023-04-13T07:01:38Z","last_seen":"2026-06-07T16:24:42.07227Z","times_seen":611,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"8cb5190838a8453ea839218538d33f9b","sha1":"5e84ca901673b84e2aaead5de7bf7b73c51c826d","sha256":"d37668617e017a3c669da4e1f60f1ff3432cd68ef163e4c0135f04d9566403e4","sha512":"c080cc14034f9d2f9cfaf54ecd931b26e9de5d53a27954a97b08b337d8d857ea03eba5d163b6c0ba92df75d6b71d3e7dc38f3989191e032a53f448f1cd4f748c","ssdeep":"","tlshash":"bc9002d634c2102499572954051799b5313814b01448484090c0ada178e1220531555c","size":50,"data":"","first_seen":"2023-04-13T07:01:38Z","last_seen":"2026-06-07T16:24:42.07227Z","times_seen":611,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.gzjph.com/static/63bcffd93552eba74e8963da395b9745.png","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/63bcffd93552eba74e8963da395b9745.png HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 1048\r\nlast-modified: Mon, 19 Jan 2026 07:34:55 GMT\r\netag: \"696dde9f-418\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1048,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 300, 8-bit/color RGB, non-interlaced","md5":"75ab2021983191c10087d1f45e652dcc","sha1":"dad91a1acb74ed19164c7f1c9c584d78658caf22","sha256":"a94b0f8cd0c5ee8e6847cb6d9716a61698bb3fdfd5a91c13ee51f7c7818e5eb1","sha512":"264285cef446167f7d7eeb22c02949ea38cdea5925c5c87456d7f8d12c4db9f58ade5e4fe76c3034db0676d0a77c9462736c1a9256b7966245e02007155585d7","ssdeep":"","tlshash":"23110a533d4dd5af88046836a04e8674b05c59a0ddf2e50af3918de226ce34ff032ab3","first_seen":"2026-03-01T10:22:37.516659Z","last_seen":"2026-04-10T08:13:31.27821Z","times_seen":3,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/bad985afa350a02b61526f82772e128a.css","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/bad985afa350a02b61526f82772e128a.css HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: text/css\r\ncontent-length: 188\r\nlast-modified: Sun, 22 Feb 2026 18:25:24 GMT\r\netag: \"699b4a14-bc\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":188,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"88977b96bb0afc0a744aa5b52a8718a0","sha1":"b7de48cdd2af6edcbb4c0233a6a159d80656d3d7","sha256":"85b658b467197666248753d570c0e12cd833e2bb87772a4bb9a4608eecdcd3ac","sha512":"41b4c38ee1e6b996ea3a8dc7e286de451e034ad2ba0a037d4f3c1c5b4e8fd0d1c8239b5d0137955f21b0a26fd54ca8ad4bb846d6bc6373af9de81a40215b077e","ssdeep":"","tlshash":"28c01235e220400e30a3ce2d36c0fc909e9d62e1aa480b28f0a138a08d852a83f5632a","first_seen":"2026-03-01T10:22:37.510819Z","last_seen":"2026-03-19T08:59:08.057821Z","times_seen":2,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/npublic/libs/core/ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2021110816245422852\u0026viewType=p\u0026v=1675235385000\u0026siteType=oper","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /npublic/libs/core/ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2021110816245422852\u0026viewType=p\u0026v=1675235385000\u0026siteType=oper HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":851,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":572,"receive":279,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/npublic/img/s.png","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:45.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /npublic/img/s.png HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":155,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"92e68f908319b6e6220d6e6aa43cf875","sha1":"b12b196d9d4c4a2becc59660f57ef62216d75c2b","sha256":"2161a1e4c474f603f0bf4a7e85ba6380bcd06186e31b8c3f13abe79235f6995f","sha512":"9c8bdd6348ad2d19bd1cec9858b5944c947fe1b663daaeaef4dde61faab38c5b1582cf8f26bcaa14d065f2dbc62fab90d423127ee4206741eb341338c2fefefd","ssdeep":"","tlshash":"1fc08c4d6413a9898a03011427c32640c196832fa8da84100a82c183b0cb29ac4c23ad","first_seen":"2023-04-09T18:59:55Z","last_seen":"2026-05-18T04:51:28.009882Z","times_seen":176,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/3b9a5f23e711dc8b52ab403e684a1535.jpg","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/3b9a5f23e711dc8b52ab403e684a1535.jpg HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4665\r\nlast-modified: Mon, 19 Jan 2026 07:34:55 GMT\r\netag: \"696dde9f-1239\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4665,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85\", baseline, precision 8, 400x300, components 3","md5":"221ab5864f31f34c28b2346bcea71523","sha1":"68278b4a18544b04408837cc76e9d860eb2c296c","sha256":"d1ea228cc5c8234eb8892eaeb569bf9efbd6dc8c77dcb555e398b9b638809067","sha512":"1370951ff9fd26684c44ad292827acf2880fa99d766aef6278578b2c6f42311311d48d0152cb097b7cd0891fe1ec3ddd6d9012b6709d10776fd09e25b33d914c","ssdeep":"96:fEo8Y8Y8Y8Y8Y8Y8Y8YLi3B2OthzHhzHhzHhzHhzHhzHhzHhzHhSUm9:fz8Y8Y8Y8Y8Y8Y8Y8YOx2O3lllllllk9","tlshash":"28a10b02098057d0641d47d48e1714f7afa46b9ceee84ecf5a172b6bbb91b3b510d8ce","first_seen":"2026-03-01T10:22:37.508934Z","last_seen":"2026-03-19T08:59:08.062734Z","times_seen":2,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/d2892d7167bbfa860787b3d3fc78401e.jpg","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/d2892d7167bbfa860787b3d3fc78401e.jpg HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4747\r\nlast-modified: Mon, 19 Jan 2026 07:34:55 GMT\r\netag: \"696dde9f-128b\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4747,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85\", baseline, precision 8, 400x300, components 3","md5":"7c05b79e0b0ada4bec91dd5dae62c5bf","sha1":"7f1ca70c4f52b848d27d0bd6c9c1bf029eaf4507","sha256":"c53bb22c8ac40340c69be2dfb68c6237b0773b73c63317aa61d03857b01346c2","sha512":"4bc962c35b6d4adcdf1e831aac04c137236c96ec50e72bd12153214785ab36603df8b724af932d6d25090cd68a11cde3fc362bd6e1a08628e03bc21cf76ff695","ssdeep":"48:UfMvmluERAtdYVdddddddddddddddddddddfeU4sej9xLc/ZK6Vddddddddddddh:fEsdYreU5kvn6reU5ivy","tlshash":"3ca104138c188b82a41d43f9bf535d6d6f1e6b5ca8823aeb14b20edb3f251650c4e52d","first_seen":"2026-03-01T10:22:37.525544Z","last_seen":"2026-03-19T08:59:08.065295Z","times_seen":3,"resource_available":false,"data":null}},"time_used":806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":805,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"omo-oss-image1.thefastimg.com/portal-saas/new2021110816245422852/cms/image/fff0c4d6-ae91-4480-a5b4-863e0d01f505.jpg","fqdn":"omo-oss-image1.thefastimg.com","domain":"thefastimg.com","tld":"com"},"ip":{"addr":"43.159.94.129","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:45.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thefastimg.com","organization":""},"issuer":{"commonName":"XinNet DV TLS CA","organization":"Xin Net Technology Corp."},"validity":{"start":"Thu, 03 Jul 2025 01:37:11 GMT","end":"Fri, 03 Jul 2026 01:37:10 GMT"},"fingerprint":{"sha1":"BE:DE:E5:10:F8:89:09:7D:12:6B:91:17:81:03:F1:74:E4:DA:80:62","sha256":"E7:A4:CC:76:4D:54:5C:E8:FD:C8:42:EE:BD:F9:02:5F:2D:3D:11:D6:BC:BA:D6:DB:E8:61:FC:24:01:1E:B0:90"}}},"request":{"raw":"GET /portal-saas/new2021110816245422852/cms/image/fff0c4d6-ae91-4480-a5b4-863e0d01f505.jpg HTTP/1.1\r\nHost: omo-oss-image1.thefastimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\naccess-control-allow-methods: *\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 5\r\naccess-control-expose-headers: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: default-src 'self'\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\nexpires: Sat, 18 Apr 2026 08:58:46 GMT\r\np3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\r\ncontent-length: 148499\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15552000;includeSubDomains;preload\r\ndate: Thu, 19 Mar 2026 08:58:45 GMT\r\neo-log-uuid: 5930600023477586417\r\neo-cache-status: MISS\r\ncache-control: max-age=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":148499,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x890, components 3","md5":"43fd4c80d812bdcf49ba98590f0b47bf","sha1":"b10c2ce2fd7017caf3f47a14fbca4323600607eb","sha256":"2736b616bead77c14b666145466e742494d508dc715544bd464b956e3709ec33","sha512":"b64ac7cfa87bf8cf175ff1bd323835da66bb619b6b4d70d197b337696687353db117d93e95571db65811191a979588aabd2aebbba095873c2a840db4382f1411","ssdeep":"3072:QYpSxk5sRqJM9ndaR8fVt4s/9ZEXe4qnYQ6fLRbgF3pp93ER5:xpok51J4umpIXnqqtipM","tlshash":"bce3020fce10931be4e48a31413bde9a17a6b409f18a63144b663e07f594777cfb6b92","first_seen":"2026-03-01T10:22:37.509869Z","last_seen":"2026-03-19T08:59:08.068113Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2083,"timings":{"blocked":428,"dns":377,"connect":20,"send":0,"wait":536,"receive":688,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"omo-oss-image1.thefastimg.com/portal-saas/new2021110816245422852/cms/image/20dd68a2-a47b-4ddb-baa4-547fc4367a25.jpg","fqdn":"omo-oss-image1.thefastimg.com","domain":"thefastimg.com","tld":"com"},"ip":{"addr":"43.159.94.129","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:45.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thefastimg.com","organization":""},"issuer":{"commonName":"XinNet DV TLS CA","organization":"Xin Net Technology Corp."},"validity":{"start":"Thu, 03 Jul 2025 01:37:11 GMT","end":"Fri, 03 Jul 2026 01:37:10 GMT"},"fingerprint":{"sha1":"BE:DE:E5:10:F8:89:09:7D:12:6B:91:17:81:03:F1:74:E4:DA:80:62","sha256":"E7:A4:CC:76:4D:54:5C:E8:FD:C8:42:EE:BD:F9:02:5F:2D:3D:11:D6:BC:BA:D6:DB:E8:61:FC:24:01:1E:B0:90"}}},"request":{"raw":"GET /portal-saas/new2021110816245422852/cms/image/20dd68a2-a47b-4ddb-baa4-547fc4367a25.jpg HTTP/1.1\r\nHost: omo-oss-image1.thefastimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\naccess-control-allow-methods: *\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 5\r\naccess-control-expose-headers: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: default-src 'self'\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\nexpires: Sat, 18 Apr 2026 08:58:46 GMT\r\np3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\r\ncontent-length: 135487\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15552000;includeSubDomains;preload\r\ndate: Thu, 19 Mar 2026 08:58:45 GMT\r\neo-log-uuid: 1976208399165961481\r\neo-cache-status: MISS\r\ncache-control: max-age=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":135487,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x960, components 3","md5":"81e4514f1713e4c321f42af8804dd919","sha1":"ad82bcca256f907234c1d714c2e6019ec90a8061","sha256":"175b0106a286469bf9a46f8739565e8ea97fe0e941215922164f40ad27026f79","sha512":"264d8b26bc1f8e5c198433995c9ff90c6ef5dd5b1fe636f929df372b87fe4b91f57943fb12ba1c8a2c4bdeceadf16ea7061d19abcf996fcf8e935167bc9552d4","ssdeep":"3072:ORI1F/uLIoIpxu5mqr8kH+h8bK7y3u4mhR9LI:zxIZIpxu5mtW68b+3LI","tlshash":"2bd301971ea40c22ed2c573c83472b3a75554c86ee8cd31ef4e92d98fbe32696536980","first_seen":"2025-08-23T06:23:25.914467Z","last_seen":"2026-03-19T08:59:08.070612Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2180,"timings":{"blocked":423,"dns":369,"connect":22,"send":0,"wait":606,"receive":726,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/4bea6c6e78bb6a533d0fccf162d18a15.css","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/4bea6c6e78bb6a533d0fccf162d18a15.css HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 19 Jan 2026 07:34:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"696dde9e-9cf3\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40179,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (40165)","md5":"362325407ec7a2cc1db3e5201c4c7c1d","sha1":"9229e6a0da93ddf98e12328f11afd7edd5042466","sha256":"efae5ef559b21a57840ec544647494488c8083402eb91a0f49242815a170c7bb","sha512":"b291bfc107026f303ff8414606c504bc3a9eb91cb5579a423be2d12591bb0e20e523846bc2a819a1142a51b2873b4e2d6c10d6f3f5825e2d834e021237eed080","ssdeep":"384:ZBVdTK1j7Ld1ezB0Iy8F0NaBL15AjNbAMQRlX7V3PwPUuFmAozWTtpT2f01AHaMJ:HTa94oIQqn17V3PcAWTtpTAJ","tlshash":"97035711aa7152acb023c53f264a1a8e311ec513e367efd5ee27d625c49578a0f32fc9","first_seen":"2026-03-01T10:22:37.518266Z","last_seen":"2026-03-19T08:59:08.071844Z","times_seen":2,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/8c06611ba098455cefb275c47f8d6267.png","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/8c06611ba098455cefb275c47f8d6267.png HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: image/png\r\ncontent-length: 1056\r\nlast-modified: Mon, 19 Jan 2026 07:34:55 GMT\r\netag: \"696dde9f-420\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1056,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 300, 8-bit/color RGB, non-interlaced","md5":"13d8570c2e54f89c029e79a01d076edb","sha1":"bb7412af7693f8dc94c44e29da215a3f389e1248","sha256":"eaa3fc05498b4b986afc17bf759bfe0a934a1b3498fc5aa7f602b168637201ee","sha512":"24724bb5834f5a068055b74e58c784ddb09e9c5e019076d66854bf623fbb70e9b473e3b1251dd021b1b23f09917a6cd882fdfe5a314994d91113e750c3a86753","ssdeep":"","tlshash":"8211b807391dd4bf54042876e18f49a4a4a99664ddb2e20ff3814de127cd34ff532567","first_seen":"2026-03-01T10:22:37.513363Z","last_seen":"2026-04-10T08:13:31.320073Z","times_seen":3,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/npublic/img/s.png","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /npublic/img/s.png HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":155,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"92e68f908319b6e6220d6e6aa43cf875","sha1":"b12b196d9d4c4a2becc59660f57ef62216d75c2b","sha256":"2161a1e4c474f603f0bf4a7e85ba6380bcd06186e31b8c3f13abe79235f6995f","sha512":"9c8bdd6348ad2d19bd1cec9858b5944c947fe1b663daaeaef4dde61faab38c5b1582cf8f26bcaa14d065f2dbc62fab90d423127ee4206741eb341338c2fefefd","ssdeep":"","tlshash":"1fc08c4d6413a9898a03011427c32640c196832fa8da84100a82c183b0cb29ac4c23ad","first_seen":"2023-04-09T18:59:55Z","last_seen":"2026-05-18T04:51:28.009882Z","times_seen":176,"resource_available":true,"data":null}},"time_used":849,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":849,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/899bdae23f0ce9f7e945acd8549a9352.jpg","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/899bdae23f0ce9f7e945acd8549a9352.jpg HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4749\r\nlast-modified: Mon, 19 Jan 2026 07:34:55 GMT\r\netag: \"696dde9f-128d\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4749,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85\", baseline, precision 8, 400x300, components 3","md5":"265597b65132e5e9c2558716e8ea4f9a","sha1":"9d8ee42cd231193e2317711ebd0d1a081edbb223","sha256":"d85664af4b92e88eb626197eb1f154bd4988256e469067cad9d2e6bea8108df8","sha512":"867f19f1c7f0db29c2373d295b27c7d7c7f4f0474e63fb974fe2f9d2b8ae3ff58b599b05b279ba0eec06d4a0ca783395d9a28134841198696610d87d80a3c4f4","ssdeep":"96:fEETaA/8cGbGzmu+l55A/8cGbGz3Kppppu:fj5ETij+LyETi3Kppppu","tlshash":"d8a18a438c548b92e52c57e9be070dad6b49175cf8826aef41711ecb7f302674c8e1ad","first_seen":"2026-03-01T10:22:37.524745Z","last_seen":"2026-03-26T02:10:06.159684Z","times_seen":3,"resource_available":false,"data":null}},"time_used":850,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":849,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/a4c5b1bc83646f663657449713ef3726.jpg","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/a4c5b1bc83646f663657449713ef3726.jpg HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4811\r\nlast-modified: Mon, 19 Jan 2026 07:34:55 GMT\r\netag: \"696dde9f-12cb\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4811,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85\", baseline, precision 8, 400x300, components 3","md5":"2acc65795a15a91afa3b4ea55c398198","sha1":"b2844b038d8bea3d60e1d6beae86aa3a6ea5b12e","sha256":"a83e9a0623db8595e94e23de15c217ce869bc8c08752a9edba3452da1a6d43d6","sha512":"9e6579dad7fba89899460cb42e4b8860bd8764963b94d9d6167a4b397955f64d0da76ad23184bdb1809a56b2b505e0f1ad5f52cf881ed1a8063ff876831c1275","ssdeep":"96:fEx/31l0LiaxU31l0LiaxU3aKzNl0LiaxU31l0LiaxU31lpb3b3c6:fOlPlFzNlPlPlxr5","tlshash":"faa1b4ab8c2c55c2f00d13edfd001cbd38198a2efd966bfa29a55ee47e0450a4c1783b","first_seen":"2026-03-01T10:22:37.522791Z","last_seen":"2026-04-10T08:13:31.312886Z","times_seen":3,"resource_available":false,"data":null}},"time_used":807,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":806,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"omo-oss-image1.thefastimg.com/portal-saas/new2021110816245422852/cms/image/3bfb8ba2-12f5-4bde-be77-eb7745b6b14c.jpg","fqdn":"omo-oss-image1.thefastimg.com","domain":"thefastimg.com","tld":"com"},"ip":{"addr":"43.159.94.129","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:45.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thefastimg.com","organization":""},"issuer":{"commonName":"XinNet DV TLS CA","organization":"Xin Net Technology Corp."},"validity":{"start":"Thu, 03 Jul 2025 01:37:11 GMT","end":"Fri, 03 Jul 2026 01:37:10 GMT"},"fingerprint":{"sha1":"BE:DE:E5:10:F8:89:09:7D:12:6B:91:17:81:03:F1:74:E4:DA:80:62","sha256":"E7:A4:CC:76:4D:54:5C:E8:FD:C8:42:EE:BD:F9:02:5F:2D:3D:11:D6:BC:BA:D6:DB:E8:61:FC:24:01:1E:B0:90"}}},"request":{"raw":"GET /portal-saas/new2021110816245422852/cms/image/3bfb8ba2-12f5-4bde-be77-eb7745b6b14c.jpg HTTP/1.1\r\nHost: omo-oss-image1.thefastimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\naccess-control-allow-methods: *\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 5\r\naccess-control-expose-headers: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: default-src 'self'\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\nexpires: Sat, 18 Apr 2026 08:58:46 GMT\r\np3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\r\ncontent-length: 96354\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15552000;includeSubDomains;preload\r\ndate: Thu, 19 Mar 2026 08:58:45 GMT\r\neo-log-uuid: 15320497436611061314\r\neo-cache-status: MISS\r\ncache-control: max-age=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 960x413, components 3","md5":"9a44c33f4ea1de9488ddf8555558d71b","sha1":"ae551ddb328da33476726c3f1585202ddba80b70","sha256":"984987c149feef174867c095bbd3140b756082cca5262b16853f75c38c6d6bb8","sha512":"a519318a1252f22b8ed0b2b5bac630f8bbe1d3e0dd6cc127d58d0e12ed887b1d6a6857a03f3dd0f38c90ada839af6541094d9ea4913ec666696803c7ed51a317","ssdeep":"1536:PGb6JHdcV6HP3YHdk/ag0FOY5/J/MZ50O0+Z1L294R9PoWiyj:P1JiogHdC38/5z+Z5aQZiK","tlshash":"d8931258ce03c1725597e333a48ecbe8d71124e0fbf05ffd96b62e07a86142cd868655","first_seen":"2026-03-01T10:22:37.507076Z","last_seen":"2026-03-19T08:59:08.08222Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2058,"timings":{"blocked":422,"dns":367,"connect":22,"send":0,"wait":578,"receive":633,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gzjph.com/","fqdn":"gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-19T08:58:41.578Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":640,"timings":{"blocked":0,"dns":68,"connect":279,"send":0,"wait":0,"receive":0,"ssl":290},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/efd493062031cd752483a7f0111b7b5a.jpg","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/efd493062031cd752483a7f0111b7b5a.jpg HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4812\r\nlast-modified: Mon, 19 Jan 2026 07:34:55 GMT\r\netag: \"696dde9f-12cc\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4812,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85\", baseline, precision 8, 400x300, components 3","md5":"337961a6e7eacc0a6e4c50b01b3098b8","sha1":"33bdc792c9b356ebb5cedf27feaf1cc50ad27d8f","sha256":"fb59c2c10d47fa8399a2d20272d8a48f2f50c71901b49b1b986aab81adf30ab5","sha512":"7fe08d5e95f3667f6c690f555cfde16b183871f328327b3b11ce175ea592d8c422bb578954c4b184c6c40ad8e580adde545572b3b5c8ac957779be15d24ccb99","ssdeep":"96:fERIIIIo3Zil/piazzf3K0orcol/piazzf3Zil4:f4IIIIYilcrFlxil4","tlshash":"57a198578c184b83a01d43e5be530e7d6f0a3b2de8863afe15a24dd73f142150c8e92e","first_seen":"2026-03-01T10:22:37.521567Z","last_seen":"2026-04-10T08:13:31.316377Z","times_seen":5,"resource_available":false,"data":null}},"time_used":806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":805,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"zz.bdstatic.com/linksubmit/push.js","fqdn":"zz.bdstatic.com","domain":"bdstatic.com","tld":"com"},"ip":{"addr":"157.255.63.48","port":443,"asn":136958,"as":"China Unicom Guangdong IP network","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:45.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /linksubmit/push.js HTTP/1.1\r\nHost: zz.bdstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: JSP3/2.0.14\r\ndate: Thu, 19 Mar 2026 08:58:46 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Tue, 03 Mar 2026 15:10:50 GMT\r\netag: \"69a6f9fa-134\"\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\nage: 7096\r\naccept-ranges: bytes\r\ntracecode: 31341261750481464074031914\r\nohc-global-saved-time: Thu, 19 Mar 2026 06:52:14 GMT\r\nohc-cache-hit: gz5un63 [2], jnuncache65 [2]\r\nohc-response-time: 1 0 0 0 0 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":308,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (308), with no line terminators","md5":"f9fc52ab67f035b8baf5d558714cc94d","sha1":"37062a6fb1ef410d496137d44275738ae743c747","sha256":"c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212","sha512":"ebb0415852fbb5b964094e2e55a28b90f701dff1977c8b98c6f24d65d09067dc0c417d01492ca28a4be6747816d7c0bfac87b73a33725aee047a5d2f7ab83182","ssdeep":"","tlshash":"11e0cde86054c01c0dcb107135bb324ce7771d675a645545c04d9445396cb1f8247fe9","first_seen":"2023-03-07T01:18:58Z","last_seen":"2026-06-07T08:15:36.952989Z","times_seen":23338,"resource_available":true,"data":null}},"time_used":2772,"timings":{"blocked":1251,"dns":685,"connect":264,"send":0,"wait":267,"receive":0,"ssl":302},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/favicon.ico","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:45.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":155,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"92e68f908319b6e6220d6e6aa43cf875","sha1":"b12b196d9d4c4a2becc59660f57ef62216d75c2b","sha256":"2161a1e4c474f603f0bf4a7e85ba6380bcd06186e31b8c3f13abe79235f6995f","sha512":"9c8bdd6348ad2d19bd1cec9858b5944c947fe1b663daaeaef4dde61faab38c5b1582cf8f26bcaa14d065f2dbc62fab90d423127ee4206741eb341338c2fefefd","ssdeep":"","tlshash":"1fc08c4d6413a9898a03011427c32640c196832fa8da84100a82c183b0cb29ac4c23ad","first_seen":"2023-04-09T18:59:55Z","last_seen":"2026-05-18T04:51:28.009882Z","times_seen":176,"resource_available":true,"data":null}},"time_used":290,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.gzjph.com/","fqdn":"sp0.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"103.235.46.102","port":443,"asn":55967,"as":"Beijing Baidu Netcom Science and Technology Co., Ltd.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:46.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.gzjph.com/ HTTP/1.1\r\nHost: sp0.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Length: 0\r\nContent-Type: text/plain; charset=utf-8\r\nDate: Thu, 19 Mar 2026 08:58:48 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":3653,"timings":{"blocked":1658,"dns":844,"connect":265,"send":0,"wait":336,"receive":1,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-19T08:58:42.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:43 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"RequireJS","description":"RequireJS is a JavaScript library and file loader which manages the dependencies between JavaScript files and in modular programming.","website":"https://requirejs.org","common_platform_enumeration":"","icon":"RequireJS.svg","categories":["JavaScript frameworks"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":73454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2089)","md5":"6c4799edfb4ed25cab87aaffeefa5daf","sha1":"0ce546332aa60c053593381fbc1a7b62ff2f91bf","sha256":"8e0b611377f45ae948f1e3bf3a360a33c2242c45131983b0240cfe08ba3a96d3","sha512":"8567aa333f7ae2b59e4e92fd32398526676dc3d1311b5a297e95ea52f4865b31e28f9e0344333b144d41a3f18f69bbc0efa0b44ece7b601aba0f3e0567493469","ssdeep":"1536:OADzd5ry9w78Bz038aREnTQ75zhHPFoG12NurggV1SbwpNy/ynxy:ndbREnMltH71Fxs","tlshash":"0c638225d1fb9777015e7590f8b0ab0db883d313c7825bf5b6ec95848b81d8a8c039ae","first_seen":"2026-03-19T08:59:08.088673Z","last_seen":"2026-03-19T08:59:08.088673Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1905,"timings":{"blocked":668,"dns":83,"connect":282,"send":0,"wait":572,"receive":0,"ssl":296},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/a955157e4991cea9503eb5cdf2260212.css","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/a955157e4991cea9503eb5cdf2260212.css HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 19 Jan 2026 07:34:53 GMT\r\nvary: Accept-Encoding\r\netag: W/\"696dde9d-2d60b\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":185867,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"35d933860609c4f0bd2754bc22d37e0d","sha1":"6357c4f1cf04858ef1ddfa5671a6f544995020c6","sha256":"114b5d687574082a6c5259cbb48c3d6e6573520293363ad7c40427543f20bd85","sha512":"9d262df5d0e1a5e5bac9ae5a7b91bc6830e4bd34f75cfbb864766eeb7be28cd63856b70f5a8144a4839ee238ae9f68a3321d0ab5bf1a5e39baa20328222b17ba","ssdeep":"3072:WbJCOCvJ+SziiSzBHE0LNH64NZ6aJzg2oxU3Xpkyv1:WbJCOCx+IiiSzBHE0LNH64NZ6aJzg2oQ","tlshash":"6f04c86afa60216d9163c65d64d0bbe8512ec142d7234feff5236b20cbc91db0a73a4d","first_seen":"2023-12-05T07:57:10Z","last_seen":"2026-03-19T08:59:08.090692Z","times_seen":12,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/2f0fc1df2d3ce7db5c6061fd5b5df9c1.js","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/2f0fc1df2d3ce7db5c6061fd5b5df9c1.js HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 19 Jan 2026 07:34:55 GMT\r\nvary: Accept-Encoding\r\netag: W/\"696dde9f-66d0\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26320,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1253)","md5":"92a44b2fb2a29653c83fbb5155050911","sha1":"4c256f063b4d0e13a4f23760a4bb24c7dd8e4e4a","sha256":"52efe585eebc0e03be68ca5b7a31e03396d3849ba34fe920396095c23011da72","sha512":"ee0dc27b9eb5ed98bfefa2a90c7e8ccd2c61e4a058e614580cb04e687d204277216b8a7e451537ac5e6c3139a03660c363cd737f370adcb5015a3881a1456c7a","ssdeep":"384:lju5Yvc5I8dY1MNYDD+EXggAp0efmF7XqO8sfsrJIkX+Db5y:ob5NY19kr0efmMOlfsJIkX7","tlshash":"62c2f8cdb6b0641a636bb07c1d6f950831322807b88c8825bd8d56e06fd1d7ec5e7be9","first_seen":"2026-03-01T10:22:37.519144Z","last_seen":"2026-03-19T08:59:08.094266Z","times_seen":2,"resource_available":true,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/npublic/libs/core/ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2021110816245422852\u0026viewType=p\u0026v=1675235385000\u0026siteType=oper","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /npublic/libs/core/ceccjquery.min.js,require.min.js,lib.min.js,page.min.js?instance=new2021110816245422852\u0026viewType=p\u0026v=1675235385000\u0026siteType=oper HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":296,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"gzjph.com/","fqdn":"gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":80,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-19T08:58:42.240Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Thu, 19 Mar 2026 08:58:42 GMT\r\nContent-Type: text/html\r\nContent-Length: 162\r\nConnection: keep-alive\r\nLocation: https://www.gzjph.com/\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73454,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-10T02:14:21.808818Z","times_seen":16284503,"resource_available":true,"data":null}},"time_used":840,"timings":{"blocked":279,"dns":2,"connect":280,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gzjph.com/static/f25e362989dbf17307ea8f0602a421e3.jpg","fqdn":"www.gzjph.com","domain":"gzjph.com","tld":"com"},"ip":{"addr":"154.220.250.131","port":443,"asn":139471,"as":"HWA CENT TELECOMMUNICATIONS LIMITED","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:44.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.gzjph.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 08:54:53 GMT","end":"Sun, 19 Apr 2026 08:54:52 GMT"},"fingerprint":{"sha1":"C0:CC:CD:EC:11:18:B5:D2:9B:94:D5:A5:DC:DD:91:6F:85:9C:DA:42","sha256":"37:B2:F6:FB:68:72:76:0F:DA:1A:61:CC:9B:B6:61:1B:52:4B:0F:B7:0D:73:9A:42:D7:C1:5B:29:16:AD:F5:E0"}}},"request":{"raw":"GET /static/f25e362989dbf17307ea8f0602a421e3.jpg HTTP/1.1\r\nHost: www.gzjph.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 19 Mar 2026 08:58:44 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 4812\r\nlast-modified: Mon, 19 Jan 2026 07:34:55 GMT\r\netag: \"696dde9f-12cc\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4812,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85\", baseline, precision 8, 400x300, components 3","md5":"337961a6e7eacc0a6e4c50b01b3098b8","sha1":"33bdc792c9b356ebb5cedf27feaf1cc50ad27d8f","sha256":"fb59c2c10d47fa8399a2d20272d8a48f2f50c71901b49b1b986aab81adf30ab5","sha512":"7fe08d5e95f3667f6c690f555cfde16b183871f328327b3b11ce175ea592d8c422bb578954c4b184c6c40ad8e580adde545572b3b5c8ac957779be15d24ccb99","ssdeep":"96:fERIIIIo3Zil/piazzf3K0orcol/piazzf3Zil4:f4IIIIYilcrFlxil4","tlshash":"57a198578c184b83a01d43e5be530e7d6f0a3b2de8863afe15a24dd73f142150c8e92e","first_seen":"2026-03-01T10:22:37.521567Z","last_seen":"2026-04-10T08:13:31.316377Z","times_seen":5,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-19","alert":"Sinkholed","trigger":"www.gzjph.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-19","alert":"Phishing Block","trigger":"www.gzjph.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"omo-oss-image1.thefastimg.com/portal-saas/new2021110816245422852/cms/image/30e2afc8-86da-4c5c-8d04-7043a47ff103.jpg","fqdn":"omo-oss-image1.thefastimg.com","domain":"thefastimg.com","tld":"com"},"ip":{"addr":"43.159.94.129","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.gzjph.com/","date":"2026-03-19T08:58:45.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.thefastimg.com","organization":""},"issuer":{"commonName":"XinNet DV TLS CA","organization":"Xin Net Technology Corp."},"validity":{"start":"Thu, 03 Jul 2025 01:37:11 GMT","end":"Fri, 03 Jul 2026 01:37:10 GMT"},"fingerprint":{"sha1":"BE:DE:E5:10:F8:89:09:7D:12:6B:91:17:81:03:F1:74:E4:DA:80:62","sha256":"E7:A4:CC:76:4D:54:5C:E8:FD:C8:42:EE:BD:F9:02:5F:2D:3D:11:D6:BC:BA:D6:DB:E8:61:FC:24:01:1E:B0:90"}}},"request":{"raw":"GET /portal-saas/new2021110816245422852/cms/image/30e2afc8-86da-4c5c-8d04-7043a47ff103.jpg HTTP/1.1\r\nHost: omo-oss-image1.thefastimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gzjph.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\naccess-control-allow-methods: *\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 5\r\naccess-control-expose-headers: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-credentials: false\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-security-policy: default-src 'self'\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 1; mode=block\r\nexpires: Sat, 18 Apr 2026 08:58:46 GMT\r\np3p: CP=IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\r\ncontent-length: 86628\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15552000;includeSubDomains;preload\r\ndate: Thu, 19 Mar 2026 08:58:45 GMT\r\neo-log-uuid: 8387093754242343622\r\neo-cache-status: MISS\r\ncache-control: max-age=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86628,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 960x413, components 3","md5":"f31398f6398bfbeda4c2f89d99b37631","sha1":"a5d0c99a4f43918036e8c33d6b4fc77fee88e679","sha256":"9e1464adbbe3eadd1ae7182d9ba4545366fe5ee201c9ebd3bebae0663ffb9184","sha512":"5fe7201560ddde42d07221ded48c00446b1bce59505108e9bac6ae56ae42e191b58ee436dc8d76da1c1137e900e93ed351b7874ef87c845ea90ac5770bb47948","ssdeep":"1536:gfeH7llqTRVDD+K/W1AtrbA4516jwGG1lKVcT8D+LS9uTG3o/8iYaz:gfeHBlKn+hAtb51RL7k+QuK3oVYaz","tlshash":"c883029e9f012bb9cd3bcdb6a197706744837895c00a3c933c2775932ea4426b5b2a4f","first_seen":"2026-03-01T10:22:37.526488Z","last_seen":"2026-03-19T08:59:08.096771Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1944,"timings":{"blocked":426,"dns":368,"connect":23,"send":0,"wait":545,"receive":545,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}