{"report_id":"e61493f7-6a22-47a6-b8ac-c048cab03c40","version":6,"status":"done","tags":[],"date":"2025-12-24T21:58:40Z","url":{"schema":"http","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"title":"Promarkia-AI智能营销内容生成平台，一键创建图片视频博客","dom":{"size":60912,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832)","md5":"8dcaf3fb15315843d71ec91583ce3a03","sha1":"d9b3d126f275db778607a2ffcf98a1b09d88edf1","sha256":"6e59d0336fcf4fddc26dab8148841530feb3cbc9cc16f9430d8c233dbe849ef9","sha512":"d5ce3cff5d7437596f3221ef8256fc7e3797d0347a3fa96330eac70094cbbcb6915b7fe6cb5195297b5f6670040f620ca79094c50dd22746447e12212608e61e","ssdeep":"768:QQZdypJRzz4nyrBGTU6jSbAGT1p6p2Mtv91Tsz4y1d7jf1H:QYyp3snyVepSUwW2ev91Tszb1d7jf1H","tlshash":"d55397b1c48d547a021e67e55920772df283567bcf235ea2b3fa839cc748fa684a310d","dom_hash":"domhash53ce5c01a21308510b9d83fea5d7ceb6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-28T21:58:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-12-21T22:19:25.211281Z","alert_count":0,"request_count":4,"received_data":81376,"sent_data":2080,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"aigcsoft.site","ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"domain_registered":"2025-07-10","domain_rank":0,"first_seen":"2025-10-09T04:41:15.457373Z","last_seen":"2025-12-20T07:28:26.840849Z","alert_count":0,"request_count":68,"received_data":3471625,"sent_data":34116,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2025-12-22T01:25:11.24726Z","alert_count":0,"request_count":14,"received_data":126518,"sent_data":9537,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"promarkia.tchepai.com","ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":23,"request_count":23,"received_data":363891,"sent_data":14370,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Embed Optimizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes embeds by lazy loading them only as they come into view.","website":"https://wordpress.org/plugins/embed-optimizer/","common_platform_enumeration":"","icon":"embed-optimizer.svg","categories":["WordPress plugins","Performance"]},{"name":"Image Prioritizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes the loading of images which are the LCP (Largest Contentful Paint) element, including both img elements and elements with CSS background images.","website":"https://wordpress.org/plugins/image-prioritizer/","common_platform_enumeration":"","icon":"image-prioritizer.svg","categories":["WordPress plugins","Performance"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Enhanced Responsive Images:1.7.0","description":"Performance plugin from the WordPress Performance Team, which improves image sizes attribute accuracy and implements the HTML spec for adding sizes='auto' to lazy loaded images.","website":"https://wordpress.org/plugins/auto-sizes/","common_platform_enumeration":"","icon":"enhanced-image-sizes.svg","categories":["WordPress plugins","Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Web Worker Offloading:0.2.0","description":"Performance plugin from the WordPress Performance Team, which offloads JavaScript execution to a Web Worker, improving performance by freeing up the main thread.","website":"https://wordpress.org/plugins/web-worker-offloading/","common_platform_enumeration":"","icon":"web-worker-offloading.svg","categories":["WordPress plugins","Performance"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"Image Placeholders:1.2.0","description":"Performance plugin from the WordPress Performance Team, which determines and stores the dominant color for newly uploaded images in the media library, then uses that as a placeholder background during front end image loads.","website":"https://wordpress.org/plugins/dominant-color-images/","common_platform_enumeration":"","icon":"dominant-color-images.svg","categories":["WordPress plugins","Performance"]},{"name":"Optimization Detective:1.0.0","description":"Performance plugin from the WordPress Performance Team, which captures real user metrics about what elements are displayed on the page across a variety of device form factors (e.g. desktop, tablet, and phone) in order to apply loading optimizations.","website":"https://wordpress.org/plugins/optimization-detective/","common_platform_enumeration":"","icon":"optimization-detective.svg","categories":["WordPress plugins","Performance"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Performance Lab:4.0.0","description":"Performance plugin from the WordPress Performance Team, which is a collection of standalone performance modules.","website":"https://wordpress.org/plugins/performance-lab/","common_platform_enumeration":"","icon":"Performance Lab.svg","categories":["WordPress plugins","Performance"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Performant Translations:1.2.0","description":"Performance plugin from the WordPress Performance Team, which makes internationalization/localization in WordPress faster than ever before.","website":"https://wordpress.org/plugins/performant-translations/","common_platform_enumeration":"","icon":"performant-translations.svg","categories":["WordPress plugins","Performance"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Speculative Loading:1.6.0","description":"Performance plugin from the WordPress Performance Team, which adds support for the Speculation Rules API, by which certain URLs are dynamically prefetched or prerendered based on user interaction.","website":"https://wordpress.org/plugins/speculation-rules/","common_platform_enumeration":"","icon":"speculation-rules.svg","categories":["WordPress plugins","Performance"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c55c6aaaf65f2014092bf25971daef13","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"339dd5f5ea61c6f49117b909b918da37","sha1":"7821f1309d2d28da4350d9c691f878a9bcaf544b","sha256":"a16ad93139ec19d590126958798ba84bc4e53c09c6f323c5fc69d00976bc8dee","sha512":"21ed297d2d9d0a731ff20fb0baedcdb40b10e10d51de855601400e537021f2604eae7c9004770b7fd0f52ea32d6dd7fd3c5bfa63d9a7ffa26961f92d04dd9452","ssdeep":"384:huJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:hu4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"5cd2d9a9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29899,"data":"","first_seen":"2025-12-24T21:58:52.171661Z","last_seen":"2025-12-24T21:58:52.171661Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"22f5f2a0f440f9be5a552b8e9723410d","sha1":"c00a079a183ddbba6fef4bfc0941a4b67fa93dbc","sha256":"65a4aae08beef1e5bf2d3e039d2902ab03f33ae2d2b66865d9a6db1d64150789","sha512":"3abdee72e30379d510eb52e4078bd21e1b31d20f3dabf151e6f18827995c598e8c355c1d44bf455d17a25c033dbf9b5e1cf87eb692090d1ea07c7656c44f1249","ssdeep":"","tlshash":"76900295589970b813519600553627226314945588051094c1504115384908ae4a5a52","size":49,"data":"","first_seen":"2023-04-11T21:30:12Z","last_seen":"2026-04-06T07:40:06.324072Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-main-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e7e831ad18cb087126df11cfbcf50ce","sha1":"d1234fee2361ab14e80187aa09d47ffa0a967e92","sha256":"a505eaa9662755053e86b75135a4ba3a9441003caac80ce29242c9810011381d","sha512":"0cf3e4cb5a2e014350e1b86e19493d6535c99b25c7c5672554c000d96d56cdbb7408d9059014672cbce73b4f93fa182d5cdd958c9e0ea7531248ef90ba1af08c","ssdeep":"384:bHf1gZB8+4WOsxLEjBCoigtzztO3w4OBm8zX4EFz44VHRSjQyIntg2M/yu3uEJH1:wB84EyH8XNRSjQE3zJYoRJP/WDRk","tlshash":"9be2e614ff3d24ab80baf0da18af25cefa3d5173bd4208a5ecad44941bc085d764d9a7","size":34173,"data":"","first_seen":"2025-12-20T07:28:33.039635Z","last_seen":"2026-03-22T11:49:55.735942Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5d07ecaed78ca47768a8a41726a81e75","sha1":"0dfef6ffc8b68b661b7aca895c42d0f68b6682b1","sha256":"bbd872abc39ee593c7ac7aaf4600c8e9c109ef123550aa930c6b0ed6da95d3e8","sha512":"f46db0d613a7ef3525c7f3927f989cf4e0a53b82295491672a632f1baa84b2dc7e01ede6970f3a13e030a386c9239f362f212b38177ea207fce5b1a0a46234c3","ssdeep":"","tlshash":"7c01efdc9794ec8e35d35c71a915209c708e1e261e94cdb6dc0c181b15c5b3360c364f","size":835,"data":"","first_seen":"2025-12-24T21:58:52.193752Z","last_seen":"2025-12-24T21:58:52.193752Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5570e6032386b6c5d8e62c00112797b9","sha1":"f7ce79dff393d7f9f0c717d5ce739a3d04c367ca","sha256":"1f43f8c04c9a584c35a8f4c76336d8e65a54adfa3dfd62e7730756d088f7b0e9","sha512":"a0d1ecc381d078c99c41789e547573364d77fffa27645f1fdbae2b9e726a56410ab4f2596bbac380c76cdd9c2288964b1a9907c890f872f7264054688db9372b","ssdeep":"","tlshash":"eed0ebdca1c990cc36936cd24810608c921e0e241c209de1cc048c2b358bf332403648","size":284,"data":"","first_seen":"2025-12-24T21:58:52.19514Z","last_seen":"2025-12-24T21:58:52.19514Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"36fa36c2806c71dc50b52d4bcb0512d3","sha1":"44fa166941e04611cead9d8bacf26c9923221ac1","sha256":"37d6a3fdb14d65b2e8f4f0c20321f437d92685b9d66639306876a737a9cfced8","sha512":"59f962b257cbe1e23d513e8d1623871b2cc23e776af404a6c96ea29a041b361b4a9b9c02186abbc40820d240341a17b9b6b52cd6cc4a6faed5d01879d4827d90","ssdeep":"","tlshash":"950189dc9798e88e35935cb29926615c618e1e251d90cdfadc0c081b25c6f3360c368f","size":779,"data":"","first_seen":"2025-12-24T21:58:52.196558Z","last_seen":"2025-12-24T21:58:52.196558Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/theme-main-js-extra","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fb6efe273f9f28c0e54658bc29e5edd","sha1":"3d7b8ee6caf3f05cf266e4bda65eedf02d2f30be","sha256":"fbefaab67957eae3b4754436d59db690f4c868f1486f6c497ee510dc596f7e05","sha512":"a0ccf8bc1550a8ba7e8b7416be36322704da35be09195ab24d8f9a68fed816b677e190201e7d40c88b1282498f3f6c45f6094e37bb368fa8e018dfb2b592346c","ssdeep":"","tlshash":"bcf09e5e95c90da114f649c85e102b331fd1e31789a2943d94bd70443f1455ff552b63","size":476,"data":"","first_seen":"2025-12-20T07:28:33.082591Z","last_seen":"2026-01-22T09:22:59.18815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T10:01:44.075126Z","times_seen":293819,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T10:01:44.075126Z","times_seen":293819,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f128278499869fbd27af3622eada554","sha1":"e6f567006075b8e18e75e7c6284cb69741727a8c","sha256":"d7423a6127c67a7af6da7b4487914d3f9ab4943c8f2a418a57811e2fa6450e1a","sha512":"e3c2494fd71af3c5ff426d01033a9c2c042c92be11d76b3bf09bdc6c3398024fb05a46c44f22c42bded56e1dc595252a977a0365486238f840de745dfe4f9c85","ssdeep":"","tlshash":"e2d02e0f2c5828386366083a51bad98cb276688c247ed080d1dce8415aa0fc5082ebc8","size":254,"data":"","first_seen":"2025-10-25T15:53:30.357323Z","last_seen":"2026-03-22T11:49:55.745717Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/theme-main-js-before","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0ecd228550d64b2eb683780d092f160","sha1":"c181790beba63ef28443885995a2f925a4c3d27a","sha256":"2ba54796e73e3c4f9be708a9965bac3586659559a49388b654697e1b36259208","sha512":"8f2a1075728d9a5815df7b5fd21bafec8d5361a84b536c4cf904ab126e0b02c5cc543c05e553219098dc91adfac1cbaa4e9ebdb7f9658176de215179085f0b88","ssdeep":"","tlshash":"98b09ba78dd41e9a71f50df52721775297d7551cd8305415c44bc1540e35451d895708","size":125,"data":"","first_seen":"2025-12-20T07:28:33.07597Z","last_seen":"2026-01-22T09:22:59.189043Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/theme-main-js-extra","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fb6efe273f9f28c0e54658bc29e5edd","sha1":"3d7b8ee6caf3f05cf266e4bda65eedf02d2f30be","sha256":"fbefaab67957eae3b4754436d59db690f4c868f1486f6c497ee510dc596f7e05","sha512":"a0ccf8bc1550a8ba7e8b7416be36322704da35be09195ab24d8f9a68fed816b677e190201e7d40c88b1282498f3f6c45f6094e37bb368fa8e018dfb2b592346c","ssdeep":"","tlshash":"bcf09e5e95c90da114f649c85e102b331fd1e31789a2943d94bd70443f1455ff552b63","size":476,"data":"","first_seen":"2025-12-20T07:28:33.082591Z","last_seen":"2026-01-22T09:22:59.18815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-06T10:09:02.614872Z","times_seen":127040,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"22f5f2a0f440f9be5a552b8e9723410d","sha1":"c00a079a183ddbba6fef4bfc0941a4b67fa93dbc","sha256":"65a4aae08beef1e5bf2d3e039d2902ab03f33ae2d2b66865d9a6db1d64150789","sha512":"3abdee72e30379d510eb52e4078bd21e1b31d20f3dabf151e6f18827995c598e8c355c1d44bf455d17a25c033dbf9b5e1cf87eb692090d1ea07c7656c44f1249","ssdeep":"","tlshash":"76900295589970b813519600553627226314945588051094c1504115384908ae4a5a52","size":49,"data":"","first_seen":"2023-04-11T21:30:12Z","last_seen":"2026-04-06T07:40:06.324072Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"22f5f2a0f440f9be5a552b8e9723410d","sha1":"c00a079a183ddbba6fef4bfc0941a4b67fa93dbc","sha256":"65a4aae08beef1e5bf2d3e039d2902ab03f33ae2d2b66865d9a6db1d64150789","sha512":"3abdee72e30379d510eb52e4078bd21e1b31d20f3dabf151e6f18827995c598e8c355c1d44bf455d17a25c033dbf9b5e1cf87eb692090d1ea07c7656c44f1249","ssdeep":"","tlshash":"76900295589970b813519600553627226314945588051094c1504115384908ae4a5a52","size":49,"data":"","first_seen":"2023-04-11T21:30:12Z","last_seen":"2026-04-06T07:40:06.324072Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8fc9929da0c59e29ad30f367336161ac","sha1":"d24c23244856f49a03a35aa2eb0cb8dd7c85ebed","sha256":"0e5e8fddb4b83423fe0a6a07e5899f14586db8c75a30277aff9f08ec2a0ed594","sha512":"f9fe9f806a6c74a0262275ca8a0edb265450334066392d1385ec23297514ba92a3f961585ce851e8d053d7b880b147f9df9cb42fdc108718f1103001537dca3c","ssdeep":"","tlshash":"4501efec9794ec8e39d358b2a91a15ac718e1e251e54cdfacc0c141b15c6f3360c368f","size":836,"data":"","first_seen":"2025-12-24T21:58:52.202651Z","last_seen":"2025-12-24T21:58:52.202651Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f128278499869fbd27af3622eada554","sha1":"e6f567006075b8e18e75e7c6284cb69741727a8c","sha256":"d7423a6127c67a7af6da7b4487914d3f9ab4943c8f2a418a57811e2fa6450e1a","sha512":"e3c2494fd71af3c5ff426d01033a9c2c042c92be11d76b3bf09bdc6c3398024fb05a46c44f22c42bded56e1dc595252a977a0365486238f840de745dfe4f9c85","ssdeep":"","tlshash":"e2d02e0f2c5828386366083a51bad98cb276688c247ed080d1dce8415aa0fc5082ebc8","size":254,"data":"","first_seen":"2025-10-25T15:53:30.357323Z","last_seen":"2026-03-22T11:49:55.745717Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/jquery.qrcode.min.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05f0b1d7d4b9b0b4975870606d650e3c","sha1":"f424bd339870510d1160d1c5da5d698aedbb452e","sha256":"f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d","sha512":"34551c0e59b857e6b6b233d7ee04442178024858daf5c1ed28f38bd738fa4219c4d2f718ebde4c3837a1aa46866132f22f6c317bfc2daf8678f52bea5ead7651","ssdeep":"384:ILEsd9QYYAA1TRjjrlqgbHH/sgDZUnEbBIg4:wIFbVg","tlshash":"b452c8d1f39142b7b1466cd9681f289e98e8a4a3ac14955cbfb8c0e2e674fd16478f30","size":13995,"data":"","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-06T07:56:20.545163Z","times_seen":3607,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"22f5f2a0f440f9be5a552b8e9723410d","sha1":"c00a079a183ddbba6fef4bfc0941a4b67fa93dbc","sha256":"65a4aae08beef1e5bf2d3e039d2902ab03f33ae2d2b66865d9a6db1d64150789","sha512":"3abdee72e30379d510eb52e4078bd21e1b31d20f3dabf151e6f18827995c598e8c355c1d44bf455d17a25c033dbf9b5e1cf87eb692090d1ea07c7656c44f1249","ssdeep":"","tlshash":"76900295589970b813519600553627226314945588051094c1504115384908ae4a5a52","size":49,"data":"","first_seen":"2023-04-11T21:30:12Z","last_seen":"2026-04-06T07:40:06.324072Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-06T10:15:21.751718Z","times_seen":103120,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-06T10:09:02.614872Z","times_seen":127040,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c53e439ffe02654243bbb03848ef2b35","sha1":"76d3b2bb4d06becc4a2936acfcc9ab6651def71f","sha256":"3a67f45d314b7cf1eb78eda90265642603ec0c4299a8b468665c1404cfab7ceb","sha512":"58892063a2449e2247756c3ba81103db9fa5facba7cbadd08b488cc348ee67e5c471a5496bc16938163dc06da41bf0469bbed243f360cd29e2f664efd92716be","ssdeep":"","tlshash":"95e0c0fc64d45ccd3ae36892a40904acb51e1e141e608ee1cc0c141b0997f372083a59","size":341,"data":"","first_seen":"2025-12-24T21:58:52.204611Z","last_seen":"2025-12-24T21:58:52.204611Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e59d67b0ba8b2b3bd96468da87bf850","sha1":"77f8fa85ea1c19fe9dbb9ca308e519fc94c4ad9b","sha256":"80d5cdf7cce5b31f8812a9df4e972c943d7677674b26360aa5ad9b2eb73b88b6","sha512":"fe0aea01afd7783f89eb8c9ce83e99ce54cdd51088f0484f200d65f1321a4f1e41915a4644588cb878052921564ac53e631ad9e556eac24f0fe2c713a6590912","ssdeep":"6144:jNieePiOow3ApC1j2b1dimpqoqslIfpr1abkKJypN:jNie+iOVh23NQ2ypN","tlshash":"8d3438567340367241e751ca50178105f372ba69b406c0ac72bdced62f9e98a60fffba","size":236578,"data":"","first_seen":"2025-10-25T15:53:30.344193Z","last_seen":"2026-03-22T11:49:55.741309Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e59d67b0ba8b2b3bd96468da87bf850","sha1":"77f8fa85ea1c19fe9dbb9ca308e519fc94c4ad9b","sha256":"80d5cdf7cce5b31f8812a9df4e972c943d7677674b26360aa5ad9b2eb73b88b6","sha512":"fe0aea01afd7783f89eb8c9ce83e99ce54cdd51088f0484f200d65f1321a4f1e41915a4644588cb878052921564ac53e631ad9e556eac24f0fe2c713a6590912","ssdeep":"6144:jNieePiOow3ApC1j2b1dimpqoqslIfpr1abkKJypN:jNie+iOVh23NQ2ypN","tlshash":"8d3438567340367241e751ca50178105f372ba69b406c0ac72bdced62f9e98a60fffba","size":236578,"data":"","first_seen":"2025-10-25T15:53:30.344193Z","last_seen":"2026-03-22T11:49:55.741309Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c53e439ffe02654243bbb03848ef2b35","sha1":"76d3b2bb4d06becc4a2936acfcc9ab6651def71f","sha256":"3a67f45d314b7cf1eb78eda90265642603ec0c4299a8b468665c1404cfab7ceb","sha512":"58892063a2449e2247756c3ba81103db9fa5facba7cbadd08b488cc348ee67e5c471a5496bc16938163dc06da41bf0469bbed243f360cd29e2f664efd92716be","ssdeep":"","tlshash":"95e0c0fc64d45ccd3ae36892a40904acb51e1e141e608ee1cc0c141b0997f372083a59","size":341,"data":"","first_seen":"2025-12-24T21:58:52.204611Z","last_seen":"2025-12-24T21:58:52.204611Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/theme-main-js-before","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0ecd228550d64b2eb683780d092f160","sha1":"c181790beba63ef28443885995a2f925a4c3d27a","sha256":"2ba54796e73e3c4f9be708a9965bac3586659559a49388b654697e1b36259208","sha512":"8f2a1075728d9a5815df7b5fd21bafec8d5361a84b536c4cf904ab126e0b02c5cc543c05e553219098dc91adfac1cbaa4e9ebdb7f9658176de215179085f0b88","ssdeep":"","tlshash":"98b09ba78dd41e9a71f50df52721775297d7551cd8305415c44bc1540e35451d895708","size":125,"data":"","first_seen":"2025-12-20T07:28:33.07597Z","last_seen":"2026-01-22T09:22:59.189043Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/theme-main-js-before","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0ecd228550d64b2eb683780d092f160","sha1":"c181790beba63ef28443885995a2f925a4c3d27a","sha256":"2ba54796e73e3c4f9be708a9965bac3586659559a49388b654697e1b36259208","sha512":"8f2a1075728d9a5815df7b5fd21bafec8d5361a84b536c4cf904ab126e0b02c5cc543c05e553219098dc91adfac1cbaa4e9ebdb7f9658176de215179085f0b88","ssdeep":"","tlshash":"98b09ba78dd41e9a71f50df52721775297d7551cd8305415c44bc1540e35451d895708","size":125,"data":"","first_seen":"2025-12-20T07:28:33.07597Z","last_seen":"2026-01-22T09:22:59.189043Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-06T09:59:39.016388Z","times_seen":330593,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5d5d498b32b6d48dd2cc177d8abebe7a","sha1":"4adf8139fa8f76bb0ac0faeb2ab9eb63600a4825","sha256":"48f6c406070919992f75f19a8c89494314481407bfb447d0f649926a8a6261c2","sha512":"9e70317e63a53286273af2be3730b5e4b6d4c923171f0ffd638df85a0fe89878fcdc15dbb3724d3d6b5f484880f0e46a807b751d318305ab77e9e379475ba74d","ssdeep":"","tlshash":"07f0c0dc4794ec8a34d368b55526255c30ce1d211d84ccbd9c1c041715c5f3360c368f","size":531,"data":"","first_seen":"2025-12-24T21:58:52.205844Z","last_seen":"2025-12-24T21:58:52.205844Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"22f5f2a0f440f9be5a552b8e9723410d","sha1":"c00a079a183ddbba6fef4bfc0941a4b67fa93dbc","sha256":"65a4aae08beef1e5bf2d3e039d2902ab03f33ae2d2b66865d9a6db1d64150789","sha512":"3abdee72e30379d510eb52e4078bd21e1b31d20f3dabf151e6f18827995c598e8c355c1d44bf455d17a25c033dbf9b5e1cf87eb692090d1ea07c7656c44f1249","ssdeep":"","tlshash":"76900295589970b813519600553627226314945588051094c1504115384908ae4a5a52","size":49,"data":"","first_seen":"2023-04-11T21:30:12Z","last_seen":"2026-04-06T07:40:06.324072Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e59d67b0ba8b2b3bd96468da87bf850","sha1":"77f8fa85ea1c19fe9dbb9ca308e519fc94c4ad9b","sha256":"80d5cdf7cce5b31f8812a9df4e972c943d7677674b26360aa5ad9b2eb73b88b6","sha512":"fe0aea01afd7783f89eb8c9ce83e99ce54cdd51088f0484f200d65f1321a4f1e41915a4644588cb878052921564ac53e631ad9e556eac24f0fe2c713a6590912","ssdeep":"6144:jNieePiOow3ApC1j2b1dimpqoqslIfpr1abkKJypN:jNie+iOVh23NQ2ypN","tlshash":"8d3438567340367241e751ca50178105f372ba69b406c0ac72bdced62f9e98a60fffba","size":236578,"data":"","first_seen":"2025-10-25T15:53:30.344193Z","last_seen":"2026-03-22T11:49:55.741309Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"c53e439ffe02654243bbb03848ef2b35","sha1":"76d3b2bb4d06becc4a2936acfcc9ab6651def71f","sha256":"3a67f45d314b7cf1eb78eda90265642603ec0c4299a8b468665c1404cfab7ceb","sha512":"58892063a2449e2247756c3ba81103db9fa5facba7cbadd08b488cc348ee67e5c471a5496bc16938163dc06da41bf0469bbed243f360cd29e2f664efd92716be","ssdeep":"","tlshash":"95e0c0fc64d45ccd3ae36892a40904acb51e1e141e608ee1cc0c141b0997f372083a59","size":341,"data":"","first_seen":"2025-12-24T21:58:52.204611Z","last_seen":"2025-12-24T21:58:52.204611Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c55c6aaaf65f2014092bf25971daef13","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef9e9ac58ec9836cf3fffd668377e48c","sha1":"eedebaae4294b1038668e7a955ce99bf79dd3c5f","sha256":"d2209738e8af3647abf4085705083416c963f3303654fc37e4a3fe43de4431d7","sha512":"7a23df191bdb0105238fd247c67009c06d75ebad6325606c87d7c2dc26f0d9399c492a6db5799372e21bc70081728e775d22de0102519503358adb2f94c83d46","ssdeep":"384:hyJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:hy4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"89d2d9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29899,"data":"","first_seen":"2025-12-24T21:58:52.146507Z","last_seen":"2025-12-24T21:58:52.146507Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3ce098dc5138520f8b653a561cb2c78d","sha1":"252a55866d4f4ff8d3c4b8265d4623ea6708bb97","sha256":"a2226379811494cfcd7018e253299c9e9ac25b858c031f632d16e0cf46d0bfe6","sha512":"83b84c0ad56f91953eb845e5b56834c1a7ae4504e0e7758940896ffeae3485651fea9de5d0d46e955cbfa52a00c5a3cfeb488bca4015a527451ee001cd89ca22","ssdeep":"","tlshash":"c8e0c0ec60c468ce3a932852585410dcb50d0d1a1e60ada1cc0c1c1b0a4ab332043a54","size":340,"data":"","first_seen":"2025-12-24T21:58:52.207238Z","last_seen":"2025-12-24T21:58:52.207238Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f128278499869fbd27af3622eada554","sha1":"e6f567006075b8e18e75e7c6284cb69741727a8c","sha256":"d7423a6127c67a7af6da7b4487914d3f9ab4943c8f2a418a57811e2fa6450e1a","sha512":"e3c2494fd71af3c5ff426d01033a9c2c042c92be11d76b3bf09bdc6c3398024fb05a46c44f22c42bded56e1dc595252a977a0365486238f840de745dfe4f9c85","ssdeep":"","tlshash":"e2d02e0f2c5828386366083a51bad98cb276688c247ed080d1dce8415aa0fc5082ebc8","size":254,"data":"","first_seen":"2025-10-25T15:53:30.357323Z","last_seen":"2026-03-22T11:49:55.745717Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/jquery.qrcode.min.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05f0b1d7d4b9b0b4975870606d650e3c","sha1":"f424bd339870510d1160d1c5da5d698aedbb452e","sha256":"f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d","sha512":"34551c0e59b857e6b6b233d7ee04442178024858daf5c1ed28f38bd738fa4219c4d2f718ebde4c3837a1aa46866132f22f6c317bfc2daf8678f52bea5ead7651","ssdeep":"384:ILEsd9QYYAA1TRjjrlqgbHH/sgDZUnEbBIg4:wIFbVg","tlshash":"b452c8d1f39142b7b1466cd9681f289e98e8a4a3ac14955cbfb8c0e2e674fd16478f30","size":13995,"data":"","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-06T07:56:20.545163Z","times_seen":3607,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-06T10:15:21.751718Z","times_seen":103120,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"22f5f2a0f440f9be5a552b8e9723410d","sha1":"c00a079a183ddbba6fef4bfc0941a4b67fa93dbc","sha256":"65a4aae08beef1e5bf2d3e039d2902ab03f33ae2d2b66865d9a6db1d64150789","sha512":"3abdee72e30379d510eb52e4078bd21e1b31d20f3dabf151e6f18827995c598e8c355c1d44bf455d17a25c033dbf9b5e1cf87eb692090d1ea07c7656c44f1249","ssdeep":"","tlshash":"76900295589970b813519600553627226314945588051094c1504115384908ae4a5a52","size":49,"data":"","first_seen":"2023-04-11T21:30:12Z","last_seen":"2026-04-06T07:40:06.324072Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/theme-main-js-extra","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fb6efe273f9f28c0e54658bc29e5edd","sha1":"3d7b8ee6caf3f05cf266e4bda65eedf02d2f30be","sha256":"fbefaab67957eae3b4754436d59db690f4c868f1486f6c497ee510dc596f7e05","sha512":"a0ccf8bc1550a8ba7e8b7416be36322704da35be09195ab24d8f9a68fed816b677e190201e7d40c88b1282498f3f6c45f6094e37bb368fa8e018dfb2b592346c","ssdeep":"","tlshash":"bcf09e5e95c90da114f649c85e102b331fd1e31789a2943d94bd70443f1455ff552b63","size":476,"data":"","first_seen":"2025-12-20T07:28:33.082591Z","last_seen":"2026-01-22T09:22:59.18815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T10:01:44.075126Z","times_seen":293819,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"22f5f2a0f440f9be5a552b8e9723410d","sha1":"c00a079a183ddbba6fef4bfc0941a4b67fa93dbc","sha256":"65a4aae08beef1e5bf2d3e039d2902ab03f33ae2d2b66865d9a6db1d64150789","sha512":"3abdee72e30379d510eb52e4078bd21e1b31d20f3dabf151e6f18827995c598e8c355c1d44bf455d17a25c033dbf9b5e1cf87eb692090d1ea07c7656c44f1249","ssdeep":"","tlshash":"76900295589970b813519600553627226314945588051094c1504115384908ae4a5a52","size":49,"data":"","first_seen":"2023-04-11T21:30:12Z","last_seen":"2026-04-06T07:40:06.324072Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-06T09:59:39.016388Z","times_seen":330593,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f128278499869fbd27af3622eada554","sha1":"e6f567006075b8e18e75e7c6284cb69741727a8c","sha256":"d7423a6127c67a7af6da7b4487914d3f9ab4943c8f2a418a57811e2fa6450e1a","sha512":"e3c2494fd71af3c5ff426d01033a9c2c042c92be11d76b3bf09bdc6c3398024fb05a46c44f22c42bded56e1dc595252a977a0365486238f840de745dfe4f9c85","ssdeep":"","tlshash":"e2d02e0f2c5828386366083a51bad98cb276688c247ed080d1dce8415aa0fc5082ebc8","size":254,"data":"","first_seen":"2025-10-25T15:53:30.357323Z","last_seen":"2026-03-22T11:49:55.745717Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-06T09:59:39.016388Z","times_seen":330593,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3ce098dc5138520f8b653a561cb2c78d","sha1":"252a55866d4f4ff8d3c4b8265d4623ea6708bb97","sha256":"a2226379811494cfcd7018e253299c9e9ac25b858c031f632d16e0cf46d0bfe6","sha512":"83b84c0ad56f91953eb845e5b56834c1a7ae4504e0e7758940896ffeae3485651fea9de5d0d46e955cbfa52a00c5a3cfeb488bca4015a527451ee001cd89ca22","ssdeep":"","tlshash":"c8e0c0ec60c468ce3a932852585410dcb50d0d1a1e60ada1cc0c1c1b0a4ab332043a54","size":340,"data":"","first_seen":"2025-12-24T21:58:52.207238Z","last_seen":"2025-12-24T21:58:52.207238Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-06T10:09:02.614872Z","times_seen":127040,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-06T09:59:39.016388Z","times_seen":330593,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T10:01:44.075126Z","times_seen":293819,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-06T10:09:02.614872Z","times_seen":127040,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3ce098dc5138520f8b653a561cb2c78d","sha1":"252a55866d4f4ff8d3c4b8265d4623ea6708bb97","sha256":"a2226379811494cfcd7018e253299c9e9ac25b858c031f632d16e0cf46d0bfe6","sha512":"83b84c0ad56f91953eb845e5b56834c1a7ae4504e0e7758940896ffeae3485651fea9de5d0d46e955cbfa52a00c5a3cfeb488bca4015a527451ee001cd89ca22","ssdeep":"","tlshash":"c8e0c0ec60c468ce3a932852585410dcb50d0d1a1e60ada1cc0c1c1b0a4ab332043a54","size":340,"data":"","first_seen":"2025-12-24T21:58:52.207238Z","last_seen":"2025-12-24T21:58:52.207238Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"22f5f2a0f440f9be5a552b8e9723410d","sha1":"c00a079a183ddbba6fef4bfc0941a4b67fa93dbc","sha256":"65a4aae08beef1e5bf2d3e039d2902ab03f33ae2d2b66865d9a6db1d64150789","sha512":"3abdee72e30379d510eb52e4078bd21e1b31d20f3dabf151e6f18827995c598e8c355c1d44bf455d17a25c033dbf9b5e1cf87eb692090d1ea07c7656c44f1249","ssdeep":"","tlshash":"76900295589970b813519600553627226314945588051094c1504115384908ae4a5a52","size":49,"data":"","first_seen":"2023-04-11T21:30:12Z","last_seen":"2026-04-06T07:40:06.324072Z","times_seen":699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/theme-main-js-before","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d0ecd228550d64b2eb683780d092f160","sha1":"c181790beba63ef28443885995a2f925a4c3d27a","sha256":"2ba54796e73e3c4f9be708a9965bac3586659559a49388b654697e1b36259208","sha512":"8f2a1075728d9a5815df7b5fd21bafec8d5361a84b536c4cf904ab126e0b02c5cc543c05e553219098dc91adfac1cbaa4e9ebdb7f9658176de215179085f0b88","ssdeep":"","tlshash":"98b09ba78dd41e9a71f50df52721775297d7551cd8305415c44bc1540e35451d895708","size":125,"data":"","first_seen":"2025-12-20T07:28:33.07597Z","last_seen":"2026-01-22T09:22:59.189043Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e59d67b0ba8b2b3bd96468da87bf850","sha1":"77f8fa85ea1c19fe9dbb9ca308e519fc94c4ad9b","sha256":"80d5cdf7cce5b31f8812a9df4e972c943d7677674b26360aa5ad9b2eb73b88b6","sha512":"fe0aea01afd7783f89eb8c9ce83e99ce54cdd51088f0484f200d65f1321a4f1e41915a4644588cb878052921564ac53e631ad9e556eac24f0fe2c713a6590912","ssdeep":"6144:jNieePiOow3ApC1j2b1dimpqoqslIfpr1abkKJypN:jNie+iOVh23NQ2ypN","tlshash":"8d3438567340367241e751ca50178105f372ba69b406c0ac72bdced62f9e98a60fffba","size":236578,"data":"","first_seen":"2025-10-25T15:53:30.344193Z","last_seen":"2026-03-22T11:49:55.741309Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-main-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e7e831ad18cb087126df11cfbcf50ce","sha1":"d1234fee2361ab14e80187aa09d47ffa0a967e92","sha256":"a505eaa9662755053e86b75135a4ba3a9441003caac80ce29242c9810011381d","sha512":"0cf3e4cb5a2e014350e1b86e19493d6535c99b25c7c5672554c000d96d56cdbb7408d9059014672cbce73b4f93fa182d5cdd958c9e0ea7531248ef90ba1af08c","ssdeep":"384:bHf1gZB8+4WOsxLEjBCoigtzztO3w4OBm8zX4EFz44VHRSjQyIntg2M/yu3uEJH1:wB84EyH8XNRSjQE3zJYoRJP/WDRk","tlshash":"9be2e614ff3d24ab80baf0da18af25cefa3d5173bd4208a5ecad44941bc085d764d9a7","size":34173,"data":"","first_seen":"2025-12-20T07:28:33.039635Z","last_seen":"2026-03-22T11:49:55.735942Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c55c6aaaf65f2014092bf25971daef13","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"ccbe76242447fbc7200e08fd4098accd","sha1":"d71df87bbb563d617aa1423f3143d581f2e5bc89","sha256":"aeb5ae1f51c282b408bfae91059258f0c062bce4562b00f162ad2d558a41abcb","sha512":"c1340f6a2c977cb8ac7d1080e8e93d99a437ebe14017f09c8ff040f5fe758ba21930e8c9b5dce824a702cf70d8a6845656e727c60bc989e81a8a347cd6c2279c","ssdeep":"384:h0JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:h04VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"31d2d9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29899,"data":"","first_seen":"2025-12-24T21:58:52.173193Z","last_seen":"2025-12-24T21:58:52.173193Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/theme-main-js-extra","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fb6efe273f9f28c0e54658bc29e5edd","sha1":"3d7b8ee6caf3f05cf266e4bda65eedf02d2f30be","sha256":"fbefaab67957eae3b4754436d59db690f4c868f1486f6c497ee510dc596f7e05","sha512":"a0ccf8bc1550a8ba7e8b7416be36322704da35be09195ab24d8f9a68fed816b677e190201e7d40c88b1282498f3f6c45f6094e37bb368fa8e018dfb2b592346c","ssdeep":"","tlshash":"bcf09e5e95c90da114f649c85e102b331fd1e31789a2943d94bd70443f1455ff552b63","size":476,"data":"","first_seen":"2025-12-20T07:28:33.082591Z","last_seen":"2026-01-22T09:22:59.18815Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-main-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e7e831ad18cb087126df11cfbcf50ce","sha1":"d1234fee2361ab14e80187aa09d47ffa0a967e92","sha256":"a505eaa9662755053e86b75135a4ba3a9441003caac80ce29242c9810011381d","sha512":"0cf3e4cb5a2e014350e1b86e19493d6535c99b25c7c5672554c000d96d56cdbb7408d9059014672cbce73b4f93fa182d5cdd958c9e0ea7531248ef90ba1af08c","ssdeep":"384:bHf1gZB8+4WOsxLEjBCoigtzztO3w4OBm8zX4EFz44VHRSjQyIntg2M/yu3uEJH1:wB84EyH8XNRSjQE3zJYoRJP/WDRk","tlshash":"9be2e614ff3d24ab80baf0da18af25cefa3d5173bd4208a5ecad44941bc085d764d9a7","size":34173,"data":"","first_seen":"2025-12-20T07:28:33.039635Z","last_seen":"2026-03-22T11:49:55.735942Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a0125bc0ed9d9196f6ca0b928da98da5","sha1":"1d2df34c966058622411bc0e5df561e9fcb5b15d","sha256":"5dec9c0d829694c77af4d9be6cedc53d94206406f2e404086ab9d5bcaf9e40ee","sha512":"30ed047d31b2fe07a94c801a7c62ea965447408f4db564b1f876775be28113eecc8eadf562ddf04ad28207d23ef54a642dc7037f554a093c5baf7ec9506292fe","ssdeep":"","tlshash":"30f097c84795e88a34d36cb165676a5c20ce0e211d44c8bdac0c141226c1a2361d35cf","size":474,"data":"","first_seen":"2025-12-24T21:58:52.208629Z","last_seen":"2025-12-24T21:58:52.208629Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"5570e6032386b6c5d8e62c00112797b9","sha1":"f7ce79dff393d7f9f0c717d5ce739a3d04c367ca","sha256":"1f43f8c04c9a584c35a8f4c76336d8e65a54adfa3dfd62e7730756d088f7b0e9","sha512":"a0d1ecc381d078c99c41789e547573364d77fffa27645f1fdbae2b9e726a56410ab4f2596bbac380c76cdd9c2288964b1a9907c890f872f7264054688db9372b","ssdeep":"","tlshash":"eed0ebdca1c990cc36936cd24810608c921e0e241c209de1cc048c2b358bf332403648","size":284,"data":"","first_seen":"2025-12-24T21:58:52.19514Z","last_seen":"2025-12-24T21:58:52.19514Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c55c6aaaf65f2014092bf25971daef13","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"17f232c927dff1763b40086d13dffcb7","sha1":"dded94b899e7319b3b0a87671bb2b5fe6fd2d000","sha256":"b1adce80a8a172fd2acf9943a5261856306a5440d1e83a21167e672707fa1925","sha512":"f443344e85abd9098828a41ea45da55de854ab9e0e3bd5531ead31d972f8c6528d6519fbdef5f21dc10f1289867b1e348a00667b19beb8b489ad2acea58670e4","ssdeep":"384:hFJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:hF4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"c6d2d9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","size":29899,"data":"","first_seen":"2025-12-24T21:58:52.191713Z","last_seen":"2025-12-24T21:58:52.191713Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/jquery.qrcode.min.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05f0b1d7d4b9b0b4975870606d650e3c","sha1":"f424bd339870510d1160d1c5da5d698aedbb452e","sha256":"f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d","sha512":"34551c0e59b857e6b6b233d7ee04442178024858daf5c1ed28f38bd738fa4219c4d2f718ebde4c3837a1aa46866132f22f6c317bfc2daf8678f52bea5ead7651","ssdeep":"384:ILEsd9QYYAA1TRjjrlqgbHH/sgDZUnEbBIg4:wIFbVg","tlshash":"b452c8d1f39142b7b1466cd9681f289e98e8a4a3ac14955cbfb8c0e2e674fd16478f30","size":13995,"data":"","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-06T07:56:20.545163Z","times_seen":3607,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-main-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e7e831ad18cb087126df11cfbcf50ce","sha1":"d1234fee2361ab14e80187aa09d47ffa0a967e92","sha256":"a505eaa9662755053e86b75135a4ba3a9441003caac80ce29242c9810011381d","sha512":"0cf3e4cb5a2e014350e1b86e19493d6535c99b25c7c5672554c000d96d56cdbb7408d9059014672cbce73b4f93fa182d5cdd958c9e0ea7531248ef90ba1af08c","ssdeep":"384:bHf1gZB8+4WOsxLEjBCoigtzztO3w4OBm8zX4EFz44VHRSjQyIntg2M/yu3uEJH1:wB84EyH8XNRSjQE3zJYoRJP/WDRk","tlshash":"9be2e614ff3d24ab80baf0da18af25cefa3d5173bd4208a5ecad44941bc085d764d9a7","size":34173,"data":"","first_seen":"2025-12-20T07:28:33.039635Z","last_seen":"2026-03-22T11:49:55.735942Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/jquery.qrcode.min.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"05f0b1d7d4b9b0b4975870606d650e3c","sha1":"f424bd339870510d1160d1c5da5d698aedbb452e","sha256":"f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d","sha512":"34551c0e59b857e6b6b233d7ee04442178024858daf5c1ed28f38bd738fa4219c4d2f718ebde4c3837a1aa46866132f22f6c317bfc2daf8678f52bea5ead7651","ssdeep":"384:ILEsd9QYYAA1TRjjrlqgbHH/sgDZUnEbBIg4:wIFbVg","tlshash":"b452c8d1f39142b7b1466cd9681f289e98e8a4a3ac14955cbfb8c0e2e674fd16478f30","size":13995,"data":"","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-06T07:56:20.545163Z","times_seen":3607,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.ttf?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:33.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.ttf?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:33 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 563252\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-89834\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16209,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"GSUB\"","md5":"eb0489bd93d5f4d5f206b342c3837496","sha1":"969c5fc7ea62eda60870c3a7e9b138903de01f74","sha256":"8e6cc534e23123e5a06e7de297ad4ed5a480e09098e2c3ed824c789474b65fc8","sha512":"781a36c17578c6932b029b72f69a17881c88851653a850eb08d8f820c7e247e9394924b29cee7dcf6bcfb54b69bb393090364443e7518f0e740b76e7473ca7ac","ssdeep":"48:zUkBL2HHuxl8BgY8HF0CEVEAF373XVnE22n4nIwn0fyjA33nn5H:zUkBLWOj5rWCI/VrlE2W4/0Ks35","tlshash":"6c722a529363ff92c1f90432367a9f3a6d28f50061a55a26fe0296e5c8a6770bc05cd3","first_seen":"2025-12-20T07:28:33.063544Z","last_seen":"2025-12-24T21:58:52.143593Z","times_seen":2,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c55c6aaaf65f2014092bf25971daef13","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:33.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?c55c6aaaf65f2014092bf25971daef13 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11293\r\nContent-Type: application/javascript\r\nDate: Wed, 24 Dec 2025 21:58:33 GMT\r\nEtag: 6fa09fd52a9a413fdcca058c9e475e8b\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=42609BB1689FDCFD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29899,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (623)","md5":"ef9e9ac58ec9836cf3fffd668377e48c","sha1":"eedebaae4294b1038668e7a955ce99bf79dd3c5f","sha256":"d2209738e8af3647abf4085705083416c963f3303654fc37e4a3fe43de4431d7","sha512":"7a23df191bdb0105238fd247c67009c06d75ebad6325606c87d7c2dc26f0d9399c492a6db5799372e21bc70081728e775d22de0102519503358adb2f94c83d46","ssdeep":"384:hyJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:hy4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"89d2d9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-12-24T21:58:52.146507Z","last_seen":"2025-12-24T21:58:52.146507Z","times_seen":1,"resource_available":true,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:16.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:16 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1XaRN87UpzvaWzH49thwmqXEQboPyFNQ3dd6hrC8u3Tm%2FVdOqSR3cpOql4dnPDev9gszVHnDxdqqM10C8pQgo20MZi790ykQBH7eE3RCgZpptpkQRg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:16 GMT\r\ncf-ray: 9b335bf10f5b5ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/jquery.qrcode.min.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/jquery.qrcode.min.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-36ab\"\r\nexpires: Thu, 25 Dec 2025 09:58:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13995,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (544)","md5":"05f0b1d7d4b9b0b4975870606d650e3c","sha1":"f424bd339870510d1160d1c5da5d698aedbb452e","sha256":"f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d","sha512":"34551c0e59b857e6b6b233d7ee04442178024858daf5c1ed28f38bd738fa4219c4d2f718ebde4c3837a1aa46866132f22f6c317bfc2daf8678f52bea5ead7651","ssdeep":"384:ILEsd9QYYAA1TRjjrlqgbHH/sgDZUnEbBIg4:wIFbVg","tlshash":"b452c8d1f39142b7b1466cd9681f289e98e8a4a3ac14955cbfb8c0e2e674fd16478f30","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-06T07:56:20.545163Z","times_seen":3607,"resource_available":true,"data":null}},"time_used":679,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":679,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/tool-img/screenshot_a9a4dcd1cad123731fcf500cb0546ef1.jpg","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/tool-img/screenshot_a9a4dcd1cad123731fcf500cb0546ef1.jpg HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 62084\r\nlast-modified: Mon, 03 Nov 2025 02:23:32 GMT\r\netag: \"69081224-f284\"\r\nexpires: Thu, 24 Dec 2026 21:58:23 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62084,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x853, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ca733a117d9d35745ffc976739b1dc35","sha1":"547849ca4246bb8a90506f49ba9647125f82eeb6","sha256":"f4de89855c60d9b39a2c8de93ed284a3f9e38bcd942b84ae8ce950dd7f4538d3","sha512":"b8fb64c3700c4597264650d372756296e92809213fe00879922e94e20446e39fbfe30267a703487385096d3ac8ff563b33d9a1f1434ee3f405c743da97bc8cf2","ssdeep":"1536:A05qWuOlx+PqtF5nscVOEmMPccKd2kcbBslPDn4+aF:X5BLPdnssOEMXROKl7xU","tlshash":"5b5301507d71fc77799f12117281f8a5cc934d86b24e8af701ab3a2dd7d36a40b24a07","first_seen":"2025-12-24T21:58:52.151813Z","last_seen":"2025-12-24T21:58:52.151813Z","times_seen":1,"resource_available":false,"data":null}},"time_used":687,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":473,"receive":214,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-32x32.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:24.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-32x32.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 562\r\nlast-modified: Mon, 03 Nov 2025 02:33:38 GMT\r\netag: \"69081482-232\"\r\nexpires: Thu, 24 Dec 2026 21:58:24 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":562,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a59182f675a7e025695c9d0e099dce66","sha1":"3c61a5618341793b0af0cd3b038a36ff110cfd01","sha256":"71f1620efe55801bc4796da9c846e4b03c1d1f297bdf887732b732048c86fae5","sha512":"9855423706c371365ec07b5b3f87d0b5911483fdb3a7141bc9e4c987ddc22759e1db42e0064670525d3a1a918898fb77852a7a1134ac07b1f00b57a7a1ad0a9d","ssdeep":"","tlshash":"a2f026c85bd98da0bc014e3b74479e5d3c07a59d55a0f793c40860e565354865bf9fc4","first_seen":"2025-10-29T13:50:29.301014Z","last_seen":"2026-03-22T11:49:55.738593Z","times_seen":6,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=522069B2C416022F\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2610%2C2609\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=1125181564\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52045\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:27.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=522069B2C416022F\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2610%2C2609\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=1125181564\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52045\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:27 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=A71D67D34C7C5307; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/socicon.ttf","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/socicon.ttf HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 100120\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-18718\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16209,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\"","md5":"32eb61f4ac815f9eb9dc0a24c954ce06","sha1":"b92816b40b1e64e00d0897d5f5cac7323df2f7d3","sha256":"41d9662b59f0de5ef0c613f569bf21cb710ab13de227f4e05c5ba3b0ebb2e0bc","sha512":"ffa93630ee131b583c44ab7ee20122c86cc3d7ecc8522e0927b9f25891c388be5109f44a41e1ec9e9725f9e38afb2c830b77805d942296ecddf40c0e5fe1bde6","ssdeep":"192:SlCEnJ4YsvV2izyKzvwIdyU70kFwgDt52OIhwjVysCgxbKbxR+hOHlKJwdsK0Piq:SlPJ892+yKzNdr70kag5FbVbLcVAfKaj","tlshash":"7c72c60b276aeb1e906651e34c02a4138dc7e301833be6a6d3dede4861155f49c7dafe","first_seen":"2025-12-20T07:28:33.050376Z","last_seen":"2025-12-24T21:58:52.157174Z","times_seen":2,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":281,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.ttf?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:19.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.ttf?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:19 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 563252\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-89834\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32768,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"GSUB\"","md5":"683c59b75009947a26056e23718c8ea4","sha1":"cc529d35ec562f325c66a4c71dc9ac28e1399b57","sha256":"01464b59077dbb83145e43c0218ee0241f0ead60c78c5bb2162a0ffe5d523c8e","sha512":"fb903fde42b1d71d33845d6bdebb0209caaf09f11ce8703a4fb85304e6fee188cc3dd85da516e95c087a33034a3fb2e39f384fdc1075a855e60ef187fb974167","ssdeep":"384:NBh8E5czQ4BUa4TWn79dJ7nWYxITqzc8iPHR/4+gTDp5pZrxrVbbO:NP4Q4BUhKD7WY2Tq7oxg9DJZrLbO","tlshash":"bae29c127b53fb11c0e7043625e9df2779046127b33f5c86a72266d990926f2b87c5d2","first_seen":"2025-12-24T21:58:52.159146Z","last_seen":"2025-12-24T21:58:52.159146Z","times_seen":1,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-main-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/theme-main-1.1.3.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-857d\"\r\nexpires: Thu, 25 Dec 2025 09:58:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34173,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2e7e831ad18cb087126df11cfbcf50ce","sha1":"d1234fee2361ab14e80187aa09d47ffa0a967e92","sha256":"a505eaa9662755053e86b75135a4ba3a9441003caac80ce29242c9810011381d","sha512":"0cf3e4cb5a2e014350e1b86e19493d6535c99b25c7c5672554c000d96d56cdbb7408d9059014672cbce73b4f93fa182d5cdd958c9e0ea7531248ef90ba1af08c","ssdeep":"384:bHf1gZB8+4WOsxLEjBCoigtzztO3w4OBm8zX4EFz44VHRSjQyIntg2M/yu3uEJH1:wB84EyH8XNRSjQE3zJYoRJP/WDRk","tlshash":"9be2e614ff3d24ab80baf0da18af25cefa3d5173bd4208a5ecad44941bc085d764d9a7","first_seen":"2025-12-20T07:28:33.039635Z","last_seen":"2026-03-22T11:49:55.735942Z","times_seen":5,"resource_available":true,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":678,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/socicon.woff","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/socicon.woff HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: font/woff\r\ncontent-length: 100196\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-18764\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16218,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 100196, version 1.1","md5":"404c2460687cd601de7b0bcd048ed6d9","sha1":"3a0399d6b8904c1d2d9bc6950861468c5f9d20a7","sha256":"d36a6ebf104049f44f167a15e316cb9084b7b2e4b61c4e45c8a7f75499c87337","sha512":"365ac7d622a4e708b4e19d08790eadf09ae805fda3bab8e0ee467c4937431684cf15d34660a4ea8871620bbac4a76a9106b1ba4351aef43425c786cfb8005312","ssdeep":"192:7y0lCEnJ4YsvV2izyKzvwIdyU70kFwgDt52OIhwjVysCgxbKbxR+hOHlKJwdsK0U:3lPJ892+yKzNdr70kag5FbVbLcVAfKaM","tlshash":"2b72d60b276aeb1e906651e34c02a4138dc7e301833be6a6d2dede4851056f49d7dafe","first_seen":"2025-12-20T07:28:33.060869Z","last_seen":"2025-12-24T21:58:52.16276Z","times_seen":2,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-32x32.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-32x32.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: image/webp\r\ncontent-length: 562\r\nlast-modified: Mon, 03 Nov 2025 02:33:38 GMT\r\netag: \"69081482-232\"\r\nexpires: Thu, 24 Dec 2026 21:58:28 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":562,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a59182f675a7e025695c9d0e099dce66","sha1":"3c61a5618341793b0af0cd3b038a36ff110cfd01","sha256":"71f1620efe55801bc4796da9c846e4b03c1d1f297bdf887732b732048c86fae5","sha512":"9855423706c371365ec07b5b3f87d0b5911483fdb3a7141bc9e4c987ddc22759e1db42e0064670525d3a1a918898fb77852a7a1134ac07b1f00b57a7a1ad0a9d","ssdeep":"","tlshash":"a2f026c85bd98da0bc014e3b74479e5d3c07a59d55a0f793c40860e565354865bf9fc4","first_seen":"2025-10-29T13:50:29.301014Z","last_seen":"2026-03-22T11:49:55.738593Z","times_seen":6,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/rum?","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:25.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1063\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613501; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1063,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"https://promarkia.tchepai.com/\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":1696,\"startTime\":1766613501893,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"b0ca9feb-cce7-476c-8506-f9498381a1f6\",\"location\":\"https://promarkia.tchepai.com/\",\"nt\":\"navigate\",\"timingsV2\":{\"unloadEventStart\":1080,\"unloadEventEnd\":1084,\"domInteractive\":1651,\"domContentLoadedEventStart\":1703,\"domContentLoadedEventEnd\":1704,\"domComplete\":2927,\"loadEventStart\":2927,\"loadEventEnd\":2931,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h3\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":1,\"domainLookupStart\":1,\"domainLookupEnd\":1,\"connectStart\":1,\"connectEnd\":1,\"secureConnectionStart\":1,\"requestStart\":26,\"responseStart\":1074,\"responseEnd\":1075,\"transferSize\":14808,\"encodedBodySize\":14017,\"decodedBodySize\":61212,\"name\":\"https://promarkia.tchepai.com/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":2931},\"siteToken\":\"92deb57dede945b8a4cf3d9a4d6c7549\",\"st\":2}"}},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://promarkia.tchepai.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Jb4IhP0acX098dTeoJiclSrJEZHZpkiNemmimu0fUmRMjLaSkixtULzB4v3KXhr5CEHWGNd7gsYNgBy68bRXM7cGUU7PVC6ET0Fsmq4nO1hwVz7jRA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Wed, 24 Dec 2025 21:58:25 GMT\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9b335c269eaf5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.woff2?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.woff2?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 174156\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-2a84c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16217,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 174156, version 1.0","md5":"6333e3ac6448edbf9ea5162d3ed2bffb","sha1":"81960e0c5fd6212560a4fa5656a083002217c976","sha256":"b9e0c01818561e17c375bd2b8f4cf19b8ff49e20526a5d7875ef9bf2027df419","sha512":"588c9b8469fc3187c48bccdc646581a6ea8b1b80c2cd3d86207d4af65a7e59b75ec8d807e2e785c79a31d96b192865efdb5eb5d2c50ee6e3a49149967686eaa7","ssdeep":"192:+FQJZ1+7NAl2zz11ENhjSKdTcxplT5l9ePEMi7ah2xWEWOgZo8fo3hNWPqzEe6TF:+2J67NAEVX9Ghwzg+8/PqzQ49ifVt","tlshash":"c472bf22d364e1eed1513e35b8a2ebe411200d568303afcd181aaf1c5b775cdadde562","first_seen":"2025-12-20T07:28:33.067289Z","last_seen":"2025-12-24T21:58:52.166121Z","times_seen":2,"resource_available":false,"data":null}},"time_used":437,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":436,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9b335c19eac8b4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-06T09:59:39.016388Z","times_seen":330593,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/05/bg3.jpg?orientation=landscape\u0026width=1920\u0026height=850","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/bg3.jpg?orientation=landscape\u0026width=1920\u0026height=850 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: image/webp\r\ncontent-length: 23682\r\nlast-modified: Mon, 03 Nov 2025 02:35:56 GMT\r\netag: \"6908150c-5c82\"\r\nexpires: Thu, 24 Dec 2026 21:58:28 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23682,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x850, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"474ef9ffb3d7631a7f573e747b065667","sha1":"2a9a9c059559ca3a97c870a05fa287ea18613f06","sha256":"fe33c5ccf2eed97bf1dd4f55bca0b138a6492c822541f1856c5acce7ad48d893","sha512":"973137a1bfef726c530f0657b5746c73ee637358b8bb3c7aaa3da163e73d5cc58061bea05a3bbdfea82d5a98b498baf6cd80e6f2af04acf5a189529448f13ea4","ssdeep":"384:XL36AO1qPsnZSi7f1Gf4BYYS9XJd347ZiP8YsVyOfpQGVm:rFSqPsnbT12+YTdTo7ZikYWTVm","tlshash":"afb2df2f4b886ce5ed6f05f325b00110541369732eeb9bd8095576e0abb05472e39df7","first_seen":"2025-10-29T13:50:29.298269Z","last_seen":"2026-03-22T11:49:55.685335Z","times_seen":6,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-32x32.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:33.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-32x32.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 562\r\nlast-modified: Mon, 03 Nov 2025 02:33:38 GMT\r\netag: \"69081482-232\"\r\nexpires: Thu, 24 Dec 2026 21:58:33 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":562,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a59182f675a7e025695c9d0e099dce66","sha1":"3c61a5618341793b0af0cd3b038a36ff110cfd01","sha256":"71f1620efe55801bc4796da9c846e4b03c1d1f297bdf887732b732048c86fae5","sha512":"9855423706c371365ec07b5b3f87d0b5911483fdb3a7141bc9e4c987ddc22759e1db42e0064670525d3a1a918898fb77852a7a1134ac07b1f00b57a7a1ad0a9d","ssdeep":"","tlshash":"a2f026c85bd98da0bc014e3b74479e5d3c07a59d55a0f793c40860e565354865bf9fc4","first_seen":"2025-10-29T13:50:29.301014Z","last_seen":"2026-03-22T11:49:55.738593Z","times_seen":6,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=292125652\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026v=1.3.2\u0026lv=1\u0026sn=52041\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026tt=Promarkia-AI%E6%99%BA%E8%83%BD%E8%90%A5%E9%94%80%E5%86%85%E5%AE%B9%E7%94%9F%E6%88%90%E5%B9%B3%E5%8F%B0%EF%BC%8C%E4%B8%80%E9%94%AE%E5%88%9B%E5%BB%BA%E5%9B%BE%E7%89%87%E8%A7%86%E9%A2%91%E5%8D%9A%E5%AE%A2","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:20.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=292125652\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026v=1.3.2\u0026lv=1\u0026sn=52041\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026tt=Promarkia-AI%E6%99%BA%E8%83%BD%E8%90%A5%E9%94%80%E5%86%85%E5%AE%B9%E7%94%9F%E6%88%90%E5%B9%B3%E5%8F%B0%EF%BC%8C%E4%B8%80%E9%94%AE%E5%88%9B%E5%BB%BA%E5%9B%BE%E7%89%87%E8%A7%86%E9%A2%91%E5%8D%9A%E5%AE%A2 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:21 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=9692E53C5C6C7E8E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":318,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613509; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:32 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XmDaYLAthl6a7vE%2BJOABkDQPzvHcY8sD4m8Fdb1wzCu5jhxieKQjQ0%2BGSuGYuE6SWTsjEAyrqwmGeXbMMaU9LYdtotdGXANoDcrp3c%2Fvk4TmG%2BG4aA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncf-ray: 9b335c53fc095ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T21:58:15.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Dec 2025 21:58:16 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nserver-timing: wp-before-template;dur=121.03, cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=11,cfOrigin;dur=1007\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MFdyR32Pkj45A8r90HgJreGWJ4Gk7r2DIX2tgTCbOde0e73U4%2BY4FSGyRxx%2BXRwY9ErCTjh9qyQYZvK8Gb7PatRc2lD4%2BgmhsQKBH0I%2BUk9kY%2Bk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b335be98f7cb51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Embed Optimizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes embeds by lazy loading them only as they come into view.","website":"https://wordpress.org/plugins/embed-optimizer/","common_platform_enumeration":"","icon":"embed-optimizer.svg","categories":["WordPress plugins","Performance"]},{"name":"Image Prioritizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes the loading of images which are the LCP (Largest Contentful Paint) element, including both img elements and elements with CSS background images.","website":"https://wordpress.org/plugins/image-prioritizer/","common_platform_enumeration":"","icon":"image-prioritizer.svg","categories":["WordPress plugins","Performance"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Enhanced Responsive Images:1.7.0","description":"Performance plugin from the WordPress Performance Team, which improves image sizes attribute accuracy and implements the HTML spec for adding sizes='auto' to lazy loaded images.","website":"https://wordpress.org/plugins/auto-sizes/","common_platform_enumeration":"","icon":"enhanced-image-sizes.svg","categories":["WordPress plugins","Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Web Worker Offloading:0.2.0","description":"Performance plugin from the WordPress Performance Team, which offloads JavaScript execution to a Web Worker, improving performance by freeing up the main thread.","website":"https://wordpress.org/plugins/web-worker-offloading/","common_platform_enumeration":"","icon":"web-worker-offloading.svg","categories":["WordPress plugins","Performance"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"Image Placeholders:1.2.0","description":"Performance plugin from the WordPress Performance Team, which determines and stores the dominant color for newly uploaded images in the media library, then uses that as a placeholder background during front end image loads.","website":"https://wordpress.org/plugins/dominant-color-images/","common_platform_enumeration":"","icon":"dominant-color-images.svg","categories":["WordPress plugins","Performance"]},{"name":"Optimization Detective:1.0.0","description":"Performance plugin from the WordPress Performance Team, which captures real user metrics about what elements are displayed on the page across a variety of device form factors (e.g. desktop, tablet, and phone) in order to apply loading optimizations.","website":"https://wordpress.org/plugins/optimization-detective/","common_platform_enumeration":"","icon":"optimization-detective.svg","categories":["WordPress plugins","Performance"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Performance Lab:4.0.0","description":"Performance plugin from the WordPress Performance Team, which is a collection of standalone performance modules.","website":"https://wordpress.org/plugins/performance-lab/","common_platform_enumeration":"","icon":"Performance Lab.svg","categories":["WordPress plugins","Performance"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Performant Translations:1.2.0","description":"Performance plugin from the WordPress Performance Team, which makes internationalization/localization in WordPress faster than ever before.","website":"https://wordpress.org/plugins/performant-translations/","common_platform_enumeration":"","icon":"performant-translations.svg","categories":["WordPress plugins","Performance"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Speculative Loading:1.6.0","description":"Performance plugin from the WordPress Performance Team, which adds support for the Speculation Rules API, by which certain URLs are dynamically prefetched or prerendered based on user interaction.","website":"https://wordpress.org/plugins/speculation-rules/","common_platform_enumeration":"","icon":"speculation-rules.svg","categories":["WordPress plugins","Performance"]}],"data":{"size":61212,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"c335f27107108344fb8e0a2b001318f3","sha1":"ae5db27276db1ef314386fff18a1f8a48988c9a2","sha256":"632f9aae8f91da913ca5ae25f6b85d360131e1b04f102187abc83fe425ad48df","sha512":"1a7ee3fcdf71cf3e48f55ed1c474a78b529d832c580a736c78ecb35ed7d3b863544fffa2917b7b11545afb90be1fe8536203de0fa1174895f8bd344d0d4048d7","ssdeep":"1536:u5ypH6heRJStwnoDzFhOeqt1N7AfYevI1vvQi1dajoLt:u09LRJStwnoD3OeQ1N8f1YvvQiGox","tlshash":"a85387b1d48d547a031b57e54530772df2935a3bcf229a62b3fa93acc748f9684a310e","first_seen":"2025-12-24T21:58:52.169269Z","last_seen":"2025-12-24T21:58:52.169269Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1079,"timings":{"blocked":25,"dns":1,"connect":1,"send":0,"wait":1027,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-39c22\"\r\nexpires: Thu, 25 Dec 2025 09:58:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":236578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42862)","md5":"3e59d67b0ba8b2b3bd96468da87bf850","sha1":"77f8fa85ea1c19fe9dbb9ca308e519fc94c4ad9b","sha256":"80d5cdf7cce5b31f8812a9df4e972c943d7677674b26360aa5ad9b2eb73b88b6","sha512":"fe0aea01afd7783f89eb8c9ce83e99ce54cdd51088f0484f200d65f1321a4f1e41915a4644588cb878052921564ac53e631ad9e556eac24f0fe2c713a6590912","ssdeep":"6144:jNieePiOow3ApC1j2b1dimpqoqslIfpr1abkKJypN:jNie+iOVh23NQ2ypN","tlshash":"8d3438567340367241e751ca50178105f372ba69b406c0ac72bdced62f9e98a60fffba","first_seen":"2025-10-25T15:53:30.344193Z","last_seen":"2026-03-22T11:49:55.741309Z","times_seen":7,"resource_available":true,"data":null}},"time_used":405,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=2822E40DF4CBF9F5\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2504%2C2503\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=414955135\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52049\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:31.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=2822E40DF4CBF9F5\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2504%2C2503\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=414955135\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52049\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:32 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=A1C09119912D7F6F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.woff2?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.woff2?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 174156\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-2a84c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16217,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 174156, version 1.0","md5":"6333e3ac6448edbf9ea5162d3ed2bffb","sha1":"81960e0c5fd6212560a4fa5656a083002217c976","sha256":"b9e0c01818561e17c375bd2b8f4cf19b8ff49e20526a5d7875ef9bf2027df419","sha512":"588c9b8469fc3187c48bccdc646581a6ea8b1b80c2cd3d86207d4af65a7e59b75ec8d807e2e785c79a31d96b192865efdb5eb5d2c50ee6e3a49149967686eaa7","ssdeep":"192:+FQJZ1+7NAl2zz11ENhjSKdTcxplT5l9ePEMi7ah2xWEWOgZo8fo3hNWPqzEe6TF:+2J67NAEVX9Ghwzg+8/PqzQ49ifVt","tlshash":"c472bf22d364e1eed1513e35b8a2ebe411200d568303afcd181aaf1c5b775cdadde562","first_seen":"2025-12-20T07:28:33.067289Z","last_seen":"2025-12-24T21:58:52.166121Z","times_seen":2,"resource_available":false,"data":null}},"time_used":493,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":490,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/socicon.ttf","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/socicon.ttf HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 100120\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-18718\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16209,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\"","md5":"32eb61f4ac815f9eb9dc0a24c954ce06","sha1":"b92816b40b1e64e00d0897d5f5cac7323df2f7d3","sha256":"41d9662b59f0de5ef0c613f569bf21cb710ab13de227f4e05c5ba3b0ebb2e0bc","sha512":"ffa93630ee131b583c44ab7ee20122c86cc3d7ecc8522e0927b9f25891c388be5109f44a41e1ec9e9725f9e38afb2c830b77805d942296ecddf40c0e5fe1bde6","ssdeep":"192:SlCEnJ4YsvV2izyKzvwIdyU70kFwgDt52OIhwjVysCgxbKbxR+hOHlKJwdsK0Piq:SlPJ892+yKzNdr70kag5FbVbLcVAfKaj","tlshash":"7c72c60b276aeb1e906651e34c02a4138dc7e301833be6a6d3dede4861155f49c7dafe","first_seen":"2025-12-20T07:28:33.050376Z","last_seen":"2025-12-24T21:58:52.157174Z","times_seen":2,"resource_available":false,"data":null}},"time_used":700,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":698,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/rum?","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:27.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 538\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613505; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":538,"data":"{\"referrer\":\"https://promarkia.tchepai.com/\",\"eventType\":3,\"versions\":{\"js\":\"2024.6.1\",\"fl\":\"2024.11.0\"},\"pageloadId\":\"b0ca9feb-cce7-476c-8506-f9498381a1f6\",\"location\":\"https://promarkia.tchepai.com/\",\"landingPath\":\"/\",\"startTime\":1766613501893,\"nt\":\"navigate\",\"siteToken\":\"92deb57dede945b8a4cf3d9a4d6c7549\",\"lcp\":{\"value\":-1},\"fid\":{\"value\":-1},\"cls\":{\"value\":-1},\"fcp\":{\"value\":1696,\"path\":\"/\"},\"ttfb\":{\"value\":1074,\"path\":\"/\"},\"inp\":{\"value\":-1},\"timingsV2\":{\"nextHopProtocol\":\"h3\",\"transferSize\":14808,\"decodedBodySize\":61212},\"st\":1}"}},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://promarkia.tchepai.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2JhfHJVKi69N5Mc%2FBUCf9Hwc%2BJCJ6T8enRQE0GxWLm4xFGTmuZoBoyO2xYP3eOF%2BvbbKW6p%2B3TgTibokIiBJzbPrwn8bf%2BU12cu%2FGx7s%2F1XP%2F8o%2Ffg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Wed, 24 Dec 2025 21:58:27 GMT\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\ncf-ray: 9b335c378ffa5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:27.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613505; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:27 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bp0TtvbSMOjnDDx2KjElWDYWK5EhuQQqI4%2FZ5Z%2BYULlqjUDMzaDzSshEZ7QQmTmXulpDeoQyCpogaKnll7Hi49Yfc4gx1Zq2zd4iJyE5wEzNhbn9mQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:27 GMT\r\ncf-ray: 9b335c37cffe5ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c55c6aaaf65f2014092bf25971daef13","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:29.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?c55c6aaaf65f2014092bf25971daef13 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11293\r\nContent-Type: application/javascript\r\nDate: Wed, 24 Dec 2025 21:58:29 GMT\r\nEtag: cbbf88c8b0fa41a3e284dfbd370014bf\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=2822E40DF4CBF9F5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29899,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (623)","md5":"339dd5f5ea61c6f49117b909b918da37","sha1":"7821f1309d2d28da4350d9c691f878a9bcaf544b","sha256":"a16ad93139ec19d590126958798ba84bc4e53c09c6f323c5fc69d00976bc8dee","sha512":"21ed297d2d9d0a731ff20fb0baedcdb40b10e10d51de855601400e537021f2604eae7c9004770b7fd0f52ea32d6dd7fd3c5bfa63d9a7ffa26961f92d04dd9452","ssdeep":"384:huJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:hu4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"5cd2d9a9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-12-24T21:58:52.171661Z","last_seen":"2025-12-24T21:58:52.171661Z","times_seen":1,"resource_available":true,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/rum?","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:29.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1056\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613505; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1056,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"https://promarkia.tchepai.com/\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":950,\"startTime\":1766613507175,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"22520d34-75f1-4aad-8ad4-e944b2722042\",\"location\":\"https://promarkia.tchepai.com/\",\"nt\":\"navigate\",\"timingsV2\":{\"unloadEventStart\":585,\"unloadEventEnd\":588,\"domInteractive\":911,\"domContentLoadedEventStart\":1008,\"domContentLoadedEventEnd\":1010,\"domComplete\":1966,\"loadEventStart\":1966,\"loadEventEnd\":1969,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h3\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":1,\"domainLookupStart\":1,\"domainLookupEnd\":1,\"connectStart\":1,\"connectEnd\":1,\"secureConnectionStart\":1,\"requestStart\":8,\"responseStart\":579,\"responseEnd\":580,\"transferSize\":14799,\"encodedBodySize\":14021,\"decodedBodySize\":61212,\"name\":\"https://promarkia.tchepai.com/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":1969},\"siteToken\":\"92deb57dede945b8a4cf3d9a4d6c7549\",\"st\":2}"}},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://promarkia.tchepai.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BdqqrDrJek9wwtOIkz7YnWljUnRy4D6lcD8fJEUC7WQ5wY%2FSISNvasSY5n%2FUcax8Qp4LKBDGe3EkJ%2FlqUtTvcyAES3CNtmHPbs%2BMNJkvulw5S%2BG6rQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Wed, 24 Dec 2025 21:58:29 GMT\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9b335c41597f5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=1457661856\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52049\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026tt=Promarkia-AI%E6%99%BA%E8%83%BD%E8%90%A5%E9%94%80%E5%86%85%E5%AE%B9%E7%94%9F%E6%88%90%E5%B9%B3%E5%8F%B0%EF%BC%8C%E4%B8%80%E9%94%AE%E5%88%9B%E5%BB%BA%E5%9B%BE%E7%89%87%E8%A7%86%E9%A2%91%E5%8D%9A%E5%AE%A2","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:29.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=1457661856\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52049\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026tt=Promarkia-AI%E6%99%BA%E8%83%BD%E8%90%A5%E9%94%80%E5%86%85%E5%AE%B9%E7%94%9F%E6%88%90%E5%B9%B3%E5%8F%B0%EF%BC%8C%E4%B8%80%E9%94%AE%E5%88%9B%E5%BB%BA%E5%9B%BE%E7%89%87%E8%A7%86%E9%A2%91%E5%8D%9A%E5%AE%A2 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:29 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=AA80ADAB3F1B4245; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":309,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9b335c523e35b4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-06T09:59:39.016388Z","times_seen":330593,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c55c6aaaf65f2014092bf25971daef13","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:24.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?c55c6aaaf65f2014092bf25971daef13 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11293\r\nContent-Type: application/javascript\r\nDate: Wed, 24 Dec 2025 21:58:25 GMT\r\nEtag: 3cfbde5036497da644f954930bc1ae37\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=522069B2C416022F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29899,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (623)","md5":"ccbe76242447fbc7200e08fd4098accd","sha1":"d71df87bbb563d617aa1423f3143d581f2e5bc89","sha256":"aeb5ae1f51c282b408bfae91059258f0c062bce4562b00f162ad2d558a41abcb","sha512":"c1340f6a2c977cb8ac7d1080e8e93d99a437ebe14017f09c8ff040f5fe758ba21930e8c9b5dce824a702cf70d8a6845656e727c60bc989e81a8a347cd6c2279c","ssdeep":"384:h0JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:h04VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"31d2d9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-12-24T21:58:52.173193Z","last_seen":"2025-12-24T21:58:52.173193Z","times_seen":1,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613505; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:28 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dgdww6y%2BpHRyf1vL0VbYAvZcSNMLkY2K96yLZAabQ77Ip9EM4b2e%2FvbgG3qxxpBvhudVk8NRCy7dORY5FpMqfr1nwiRlzS1alSqzHC3t5WX5iIdNHQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncf-ray: 9b335c3988205ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/theme-main-1.1.3.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/theme-main-1.1.3.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-1cae8\"\r\nexpires: Thu, 25 Dec 2025 09:58:32 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":117480,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (732)","md5":"d0a4610fc379b72980a7056af14b9509","sha1":"4e01d91fdae9dc7eadb35d81860127eaab0c1655","sha256":"59e910dd5b960ce25d16f1aec7bdc130388ad3d70dabd90e87635e58eae50903","sha512":"3b32cb8f818f101bf330b9beaab9c844934e213213bd3d03940890d0fa615bb07fb48449efe531e809e971f760be95771a15f375b498bfcf2d3da85c095600c2","ssdeep":"768:6aA58Y22JZEpeNqVxL5RkwDQd+wTUCAJRvaWzovqQBf2eG:xYtZEpaqPTPwZru","tlshash":"13b3d738ed50213cb627d59b7ac0969dfaa8d003e1764abdba157615c7cb5eb00bf304","first_seen":"2025-12-20T07:28:33.036649Z","last_seen":"2026-01-05T15:56:37.503593Z","times_seen":3,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-39c22\"\r\nexpires: Thu, 25 Dec 2025 09:58:32 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":236578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42862)","md5":"3e59d67b0ba8b2b3bd96468da87bf850","sha1":"77f8fa85ea1c19fe9dbb9ca308e519fc94c4ad9b","sha256":"80d5cdf7cce5b31f8812a9df4e972c943d7677674b26360aa5ad9b2eb73b88b6","sha512":"fe0aea01afd7783f89eb8c9ce83e99ce54cdd51088f0484f200d65f1321a4f1e41915a4644588cb878052921564ac53e631ad9e556eac24f0fe2c713a6590912","ssdeep":"6144:jNieePiOow3ApC1j2b1dimpqoqslIfpr1abkKJypN:jNie+iOVh23NQ2ypN","tlshash":"8d3438567340367241e751ca50178105f372ba69b406c0ac72bdced62f9e98a60fffba","first_seen":"2025-10-25T15:53:30.344193Z","last_seen":"2026-03-22T11:49:55.741309Z","times_seen":7,"resource_available":true,"data":null}},"time_used":464,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":464,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-192x192.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:19.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-192x192.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3016\r\nlast-modified: Mon, 03 Nov 2025 02:33:38 GMT\r\netag: \"69081482-bc8\"\r\nexpires: Thu, 24 Dec 2026 21:58:19 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3016,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7765727f3e3821d3e6e1431d4b4708e2","sha1":"fa35ca36ac7352c0505444e34f853c3e024ebb23","sha256":"b5ad7a0c1dd1c4f834762167cf1916ec106579cd953d91dcff03331788d06a1f","sha512":"0d8d20dee002c39f4ef83abadd0b06b3d76eb2f6c870c2d0608766f91e47b4f9ccc2b4416c476a54386a4866b6f5474bc2eda7ff4f666300950970537ec81ae1","ssdeep":"","tlshash":"d2514a02b20b7cba894698d672cf0e17066f9be0508562c4db2e22bd0b76088fdc4768","first_seen":"2025-10-29T13:50:29.289202Z","last_seen":"2026-03-22T11:49:55.728698Z","times_seen":6,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613501; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:23 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nbD8VkPcmvjcTHJ8i53TzSk0C6fccQZwDW9c%2Fw9LamuI%2BZQUOA3zSv37pX06cfwOxnrkijmVo0AMUW3T51G7yMQhdMthBaR%2FTAndfUzzxj4k1yMVEg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncf-ray: 9b335c19edcf5ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T10:01:44.075126Z","times_seen":293819,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/socicon.woff","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/socicon.woff HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: font/woff\r\ncontent-length: 100196\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-18764\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32768,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 100196, version 1.1","md5":"6c4617960ef04978cb147a6c99a2ad36","sha1":"ab5b41a2d419a5df8787bd86c181d5e0e8fe647b","sha256":"b6f5618f85429a514971549eef309df8e6e5a2200aa02fdf8fb8dc893b8cae6e","sha512":"3299cff28807b8c75c512c8543626bd86a41b2fdd29403d8d4572cb82440af0c76d8362002feee948b086e5a799dcdb53e8473136dc66020debdebc1d422c5f9","ssdeep":"768:9lKzNdf0kag5fb4VAFmRIKuaEFQvs+TwVDQ5ANcz:SHf0kfdb4GF3KuFQvJ4Ua6z","tlshash":"8be2f50b675aeb5f906151e24c06a4178dc3e305c32fe6a6e2dede54a0146e48c78bff","first_seen":"2025-12-24T21:58:52.177802Z","last_seen":"2025-12-24T21:58:52.177802Z","times_seen":1,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":247,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/05/bg3.jpg?orientation=landscape\u0026width=1920\u0026height=850","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/bg3.jpg?orientation=landscape\u0026width=1920\u0026height=850 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 23682\r\nlast-modified: Mon, 03 Nov 2025 02:35:56 GMT\r\netag: \"6908150c-5c82\"\r\nexpires: Thu, 24 Dec 2026 21:58:32 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23682,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x850, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"474ef9ffb3d7631a7f573e747b065667","sha1":"2a9a9c059559ca3a97c870a05fa287ea18613f06","sha256":"fe33c5ccf2eed97bf1dd4f55bca0b138a6492c822541f1856c5acce7ad48d893","sha512":"973137a1bfef726c530f0657b5746c73ee637358b8bb3c7aaa3da163e73d5cc58061bea05a3bbdfea82d5a98b498baf6cd80e6f2af04acf5a189529448f13ea4","ssdeep":"384:XL36AO1qPsnZSi7f1Gf4BYYS9XJd347ZiP8YsVyOfpQGVm:rFSqPsnbT12+YTdTo7ZikYWTVm","tlshash":"afb2df2f4b886ce5ed6f05f325b00110541369732eeb9bd8095576e0abb05472e39df7","first_seen":"2025-10-29T13:50:29.298269Z","last_seen":"2026-03-22T11:49:55.685335Z","times_seen":6,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":246,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-192x192.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:24.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-192x192.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:24 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3016\r\nlast-modified: Mon, 03 Nov 2025 02:33:38 GMT\r\netag: \"69081482-bc8\"\r\nexpires: Thu, 24 Dec 2026 21:58:24 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3016,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7765727f3e3821d3e6e1431d4b4708e2","sha1":"fa35ca36ac7352c0505444e34f853c3e024ebb23","sha256":"b5ad7a0c1dd1c4f834762167cf1916ec106579cd953d91dcff03331788d06a1f","sha512":"0d8d20dee002c39f4ef83abadd0b06b3d76eb2f6c870c2d0608766f91e47b4f9ccc2b4416c476a54386a4866b6f5474bc2eda7ff4f666300950970537ec81ae1","ssdeep":"","tlshash":"d2514a02b20b7cba894698d672cf0e17066f9be0508562c4db2e22bd0b76088fdc4768","first_seen":"2025-10-29T13:50:29.289202Z","last_seen":"2026-03-22T11:49:55.728698Z","times_seen":6,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/tool-img/screenshot_a9a4dcd1cad123731fcf500cb0546ef1.jpg","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/tool-img/screenshot_a9a4dcd1cad123731fcf500cb0546ef1.jpg HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: image/webp\r\ncontent-length: 62084\r\nlast-modified: Mon, 03 Nov 2025 02:23:32 GMT\r\netag: \"69081224-f284\"\r\nexpires: Thu, 24 Dec 2026 21:58:28 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62084,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x853, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ca733a117d9d35745ffc976739b1dc35","sha1":"547849ca4246bb8a90506f49ba9647125f82eeb6","sha256":"f4de89855c60d9b39a2c8de93ed284a3f9e38bcd942b84ae8ce950dd7f4538d3","sha512":"b8fb64c3700c4597264650d372756296e92809213fe00879922e94e20446e39fbfe30267a703487385096d3ac8ff563b33d9a1f1434ee3f405c743da97bc8cf2","ssdeep":"1536:A05qWuOlx+PqtF5nscVOEmMPccKd2kcbBslPDn4+aF:X5BLPdnssOEMXROKl7xU","tlshash":"5b5301507d71fc77799f12117281f8a5cc934d86b24e8af701ab3a2dd7d36a40b24a07","first_seen":"2025-12-24T21:58:52.151813Z","last_seen":"2025-12-24T21:58:52.151813Z","times_seen":1,"resource_available":false,"data":null}},"time_used":451,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.woff2?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.woff2?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 174156\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-2a84c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16217,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 174156, version 1.0","md5":"6333e3ac6448edbf9ea5162d3ed2bffb","sha1":"81960e0c5fd6212560a4fa5656a083002217c976","sha256":"b9e0c01818561e17c375bd2b8f4cf19b8ff49e20526a5d7875ef9bf2027df419","sha512":"588c9b8469fc3187c48bccdc646581a6ea8b1b80c2cd3d86207d4af65a7e59b75ec8d807e2e785c79a31d96b192865efdb5eb5d2c50ee6e3a49149967686eaa7","ssdeep":"192:+FQJZ1+7NAl2zz11ENhjSKdTcxplT5l9ePEMi7ah2xWEWOgZo8fo3hNWPqzEe6TF:+2J67NAEVX9Ghwzg+8/PqzQ49ifVt","tlshash":"c472bf22d364e1eed1513e35b8a2ebe411200d568303afcd181aaf1c5b775cdadde562","first_seen":"2025-12-20T07:28:33.067289Z","last_seen":"2025-12-24T21:58:52.166121Z","times_seen":2,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":665,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 28 Aug 2023 09:14:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ec6570-15601\"\r\nexpires: Thu, 25 Dec 2025 09:58:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"resource_available":true,"data":null}},"time_used":449,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":449,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-main-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/theme-main-1.1.3.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-857d\"\r\nexpires: Thu, 25 Dec 2025 09:58:32 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34173,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2e7e831ad18cb087126df11cfbcf50ce","sha1":"d1234fee2361ab14e80187aa09d47ffa0a967e92","sha256":"a505eaa9662755053e86b75135a4ba3a9441003caac80ce29242c9810011381d","sha512":"0cf3e4cb5a2e014350e1b86e19493d6535c99b25c7c5672554c000d96d56cdbb7408d9059014672cbce73b4f93fa182d5cdd958c9e0ea7531248ef90ba1af08c","ssdeep":"384:bHf1gZB8+4WOsxLEjBCoigtzztO3w4OBm8zX4EFz44VHRSjQyIntg2M/yu3uEJH1:wB84EyH8XNRSjQE3zJYoRJP/WDRk","tlshash":"9be2e614ff3d24ab80baf0da18af25cefa3d5173bd4208a5ecad44941bc085d764d9a7","first_seen":"2025-12-20T07:28:33.039635Z","last_seen":"2026-03-22T11:49:55.735942Z","times_seen":5,"resource_available":true,"data":null}},"time_used":466,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":466,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/theme-plugins-1.1.3.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:16.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/theme-plugins-1.1.3.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:17 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-9aa9\"\r\nexpires: Thu, 25 Dec 2025 09:58:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39593,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (25464)","md5":"18c7ea6fb080ef81443c120744d2d7f9","sha1":"c78b2aa574d070d487083ef689a7c01b2b8f7975","sha256":"ef6e13957e6ae0c7811a8700722957c9ff7773d674405aa4e0ea8681b07017ab","sha512":"eeb457462d14acf3af764ed7706d92c91e5e5c8c86c5f68358ccb42e11ceb9aa0e856a2bdf69929af3c6e05c43081054cff9df29d255dece06c2cf751e0b5ce4","ssdeep":"384:aM1vWMqleliYIWQEe4HlSKfGYkN7rv1dUJVqU4Z4B+28061XNDUn+kGAcKpoBfCn:2leliYIWQELmvyVq4dL61ZhAppoBfCwq","tlshash":"8b03a5d70944362c86238f1593cd884ca63dd693aa225eeb7289b45a83c57d431ff7cb","first_seen":"2025-10-01T09:16:29.319155Z","last_seen":"2026-03-22T11:49:55.731494Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2497,"timings":{"blocked":887,"dns":385,"connect":248,"send":0,"wait":718,"receive":0,"ssl":250},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.ttf?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.ttf?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:29 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 563252\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-89834\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16209,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"GSUB\"","md5":"eb0489bd93d5f4d5f206b342c3837496","sha1":"969c5fc7ea62eda60870c3a7e9b138903de01f74","sha256":"8e6cc534e23123e5a06e7de297ad4ed5a480e09098e2c3ed824c789474b65fc8","sha512":"781a36c17578c6932b029b72f69a17881c88851653a850eb08d8f820c7e247e9394924b29cee7dcf6bcfb54b69bb393090364443e7518f0e740b76e7473ca7ac","ssdeep":"48:zUkBL2HHuxl8BgY8HF0CEVEAF373XVnE22n4nIwn0fyjA33nn5H:zUkBLWOj5rWCI/VrlE2W4/0Ks35","tlshash":"6c722a529363ff92c1f90432367a9f3a6d28f50061a55a26fe0296e5c8a6770bc05cd3","first_seen":"2025-12-20T07:28:33.063544Z","last_seen":"2025-12-24T21:58:52.143593Z","times_seen":2,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/socicon.woff","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/socicon.woff HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: font/woff\r\ncontent-length: 100196\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-18764\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16218,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 100196, version 1.1","md5":"404c2460687cd601de7b0bcd048ed6d9","sha1":"3a0399d6b8904c1d2d9bc6950861468c5f9d20a7","sha256":"d36a6ebf104049f44f167a15e316cb9084b7b2e4b61c4e45c8a7f75499c87337","sha512":"365ac7d622a4e708b4e19d08790eadf09ae805fda3bab8e0ee467c4937431684cf15d34660a4ea8871620bbac4a76a9106b1ba4351aef43425c786cfb8005312","ssdeep":"192:7y0lCEnJ4YsvV2izyKzvwIdyU70kFwgDt52OIhwjVysCgxbKbxR+hOHlKJwdsK0U:3lPJ892+yKzNdr70kag5FbVbLcVAfKaM","tlshash":"2b72d60b276aeb1e906651e34c02a4138dc7e301833be6a6d2dede4851056f49d7dafe","first_seen":"2025-12-20T07:28:33.060869Z","last_seen":"2025-12-24T21:58:52.16276Z","times_seen":2,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 28 Aug 2023 09:14:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ec6570-15601\"\r\nexpires: Thu, 25 Dec 2025 09:58:32 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"resource_available":true,"data":null}},"time_used":472,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":472,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613501; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:23 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UTf53bBYJ49%2BzksUmQjPhyjsS1iT%2Fk30cqDNcHhHD%2FsuvxF1ZyMmypgug0%2FpEoWdGZm2HJEobjg7HfjzKlW4GtQX%2FgpFr11Fu7bYh7VMi2LSULJogw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncf-ray: 9b335c1d2dfd5ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-39c22\"\r\nexpires: Thu, 25 Dec 2025 09:58:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":236578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42862)","md5":"3e59d67b0ba8b2b3bd96468da87bf850","sha1":"77f8fa85ea1c19fe9dbb9ca308e519fc94c4ad9b","sha256":"80d5cdf7cce5b31f8812a9df4e972c943d7677674b26360aa5ad9b2eb73b88b6","sha512":"fe0aea01afd7783f89eb8c9ce83e99ce54cdd51088f0484f200d65f1321a4f1e41915a4644588cb878052921564ac53e631ad9e556eac24f0fe2c713a6590912","ssdeep":"6144:jNieePiOow3ApC1j2b1dimpqoqslIfpr1abkKJypN:jNie+iOVh23NQ2ypN","tlshash":"8d3438567340367241e751ca50178105f372ba69b406c0ac72bdced62f9e98a60fffba","first_seen":"2025-10-25T15:53:30.344193Z","last_seen":"2026-03-22T11:49:55.741309Z","times_seen":7,"resource_available":true,"data":null}},"time_used":695,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":695,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=2026252660\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52054\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026tt=Promarkia-AI%E6%99%BA%E8%83%BD%E8%90%A5%E9%94%80%E5%86%85%E5%AE%B9%E7%94%9F%E6%88%90%E5%B9%B3%E5%8F%B0%EF%BC%8C%E4%B8%80%E9%94%AE%E5%88%9B%E5%BB%BA%E5%9B%BE%E7%89%87%E8%A7%86%E9%A2%91%E5%8D%9A%E5%AE%A2","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:33.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=2026252660\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52054\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026tt=Promarkia-AI%E6%99%BA%E8%83%BD%E8%90%A5%E9%94%80%E5%86%85%E5%AE%B9%E7%94%9F%E6%88%90%E5%B9%B3%E5%8F%B0%EF%BC%8C%E4%B8%80%E9%94%AE%E5%88%9B%E5%BB%BA%E5%9B%BE%E7%89%87%E8%A7%86%E9%A2%91%E5%8D%9A%E5%AE%A2 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:34 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=8E2626F2F4F30F21; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":309,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":308,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/svg_text_example-1.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/svg_text_example-1.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4044\r\nlast-modified: Mon, 03 Nov 2025 02:33:37 GMT\r\netag: \"69081481-fcc\"\r\nexpires: Thu, 24 Dec 2026 21:58:32 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4044,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a7f36d7e6fe4b37b9644beb4a6d58a90","sha1":"d4bb583da6b28a0f6bc70be526872416a4ed4acc","sha256":"25392e261de2f11d4f4edd9d5db14f28bd819c09052eceab1fddb0c0f97451fd","sha512":"241ae9883b38200d5e8c1ab7ef5f47dc2d68265db9838450c5a53f16d623ded2f83659d15c1687ab4a1ace9030f2ec2055c1f8f3fcc6601ae3b7e95ccce2caa7","ssdeep":"","tlshash":"68818f5221611f73cf4cd22a578013f79b06d6bc35e62eaab3a031d78186638b4b47c5","first_seen":"2025-10-29T13:50:29.29232Z","last_seen":"2026-03-22T11:49:55.680452Z","times_seen":6,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/rum?","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:19.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1033\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1033,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":3034,\"startTime\":1766613495197,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"ffdfc42e-39f9-4797-a707-270ff16fcc90\",\"location\":\"https://promarkia.tchepai.com/\",\"nt\":\"navigate\",\"timingsV2\":{\"unloadEventStart\":0,\"unloadEventEnd\":0,\"domInteractive\":2950,\"domContentLoadedEventStart\":3083,\"domContentLoadedEventEnd\":3088,\"domComplete\":4212,\"loadEventStart\":4212,\"loadEventEnd\":4214,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h2\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":58,\"domainLookupStart\":61,\"domainLookupEnd\":62,\"connectStart\":62,\"connectEnd\":88,\"secureConnectionStart\":67,\"requestStart\":88,\"responseStart\":1115,\"responseEnd\":1116,\"transferSize\":14771,\"encodedBodySize\":14018,\"decodedBodySize\":61212,\"name\":\"https://promarkia.tchepai.com/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":4214},\"siteToken\":\"92deb57dede945b8a4cf3d9a4d6c7549\",\"st\":2}"}},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://promarkia.tchepai.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KscpAAJFMCsj%2FbzcMD9nkhxALrt0ezp3ADAsTb7aZNlsxfdh8yh7%2FEgVBD1a9M1RTR8LcPNdXHXbmUUfjrDPZNAkdfLL6ikCs0hQaabn6BYZMID08Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Wed, 24 Dec 2025 21:58:19 GMT\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9b335c0559255ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/svg_text_example-1.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/svg_text_example-1.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4044\r\nlast-modified: Mon, 03 Nov 2025 02:33:37 GMT\r\netag: \"69081481-fcc\"\r\nexpires: Thu, 24 Dec 2026 21:58:23 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4044,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a7f36d7e6fe4b37b9644beb4a6d58a90","sha1":"d4bb583da6b28a0f6bc70be526872416a4ed4acc","sha256":"25392e261de2f11d4f4edd9d5db14f28bd819c09052eceab1fddb0c0f97451fd","sha512":"241ae9883b38200d5e8c1ab7ef5f47dc2d68265db9838450c5a53f16d623ded2f83659d15c1687ab4a1ace9030f2ec2055c1f8f3fcc6601ae3b7e95ccce2caa7","ssdeep":"","tlshash":"68818f5221611f73cf4cd22a578013f79b06d6bc35e62eaab3a031d78186638b4b47c5","first_seen":"2025-10-29T13:50:29.29232Z","last_seen":"2026-03-22T11:49:55.680452Z","times_seen":6,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2143%2C2143\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=151555246\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026v=1.3.2\u0026lv=1\u0026sn=52041\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:25.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2143%2C2143\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=151555246\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026v=1.3.2\u0026lv=1\u0026sn=52041\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:25 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=3172016AFCD255B9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:27.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Dec 2025 21:58:27 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9b335c37ca90b4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-06T09:59:39.016388Z","times_seen":330593,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-192x192.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:33.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-192x192.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:33 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3016\r\nlast-modified: Mon, 03 Nov 2025 02:33:38 GMT\r\netag: \"69081482-bc8\"\r\nexpires: Thu, 24 Dec 2026 21:58:33 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3016,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7765727f3e3821d3e6e1431d4b4708e2","sha1":"fa35ca36ac7352c0505444e34f853c3e024ebb23","sha256":"b5ad7a0c1dd1c4f834762167cf1916ec106579cd953d91dcff03331788d06a1f","sha512":"0d8d20dee002c39f4ef83abadd0b06b3d76eb2f6c870c2d0608766f91e47b4f9ccc2b4416c476a54386a4866b6f5474bc2eda7ff4f666300950970537ec81ae1","ssdeep":"","tlshash":"d2514a02b20b7cba894698d672cf0e17066f9be0508562c4db2e22bd0b76088fdc4768","first_seen":"2025-10-29T13:50:29.289202Z","last_seen":"2026-03-22T11:49:55.728698Z","times_seen":6,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/theme-main-1.1.3.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:16.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/theme-main-1.1.3.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:17 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-1cae8\"\r\nexpires: Thu, 25 Dec 2025 09:58:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117480,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (732)","md5":"d0a4610fc379b72980a7056af14b9509","sha1":"4e01d91fdae9dc7eadb35d81860127eaab0c1655","sha256":"59e910dd5b960ce25d16f1aec7bdc130388ad3d70dabd90e87635e58eae50903","sha512":"3b32cb8f818f101bf330b9beaab9c844934e213213bd3d03940890d0fa615bb07fb48449efe531e809e971f760be95771a15f375b498bfcf2d3da85c095600c2","ssdeep":"768:6aA58Y22JZEpeNqVxL5RkwDQd+wTUCAJRvaWzovqQBf2eG:xYtZEpaqPTPwZru","tlshash":"13b3d738ed50213cb627d59b7ac0969dfaa8d003e1764abdba157615c7cb5eb00bf304","first_seen":"2025-12-20T07:28:33.036649Z","last_seen":"2026-01-05T15:56:37.503593Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2487,"timings":{"blocked":879,"dns":384,"connect":247,"send":0,"wait":722,"receive":0,"ssl":249},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/05/bg3.jpg?orientation=landscape\u0026width=1920\u0026height=850","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/bg3.jpg?orientation=landscape\u0026width=1920\u0026height=850 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncontent-type: image/webp\r\ncontent-length: 23682\r\nlast-modified: Mon, 03 Nov 2025 02:35:56 GMT\r\netag: \"6908150c-5c82\"\r\nexpires: Thu, 24 Dec 2026 21:58:18 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23682,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x850, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"474ef9ffb3d7631a7f573e747b065667","sha1":"2a9a9c059559ca3a97c870a05fa287ea18613f06","sha256":"fe33c5ccf2eed97bf1dd4f55bca0b138a6492c822541f1856c5acce7ad48d893","sha512":"973137a1bfef726c530f0657b5746c73ee637358b8bb3c7aaa3da163e73d5cc58061bea05a3bbdfea82d5a98b498baf6cd80e6f2af04acf5a189529448f13ea4","ssdeep":"384:XL36AO1qPsnZSi7f1Gf4BYYS9XJd347ZiP8YsVyOfpQGVm:rFSqPsnbT12+YTdTo7ZikYWTVm","tlshash":"afb2df2f4b886ce5ed6f05f325b00110541369732eeb9bd8095576e0abb05472e39df7","first_seen":"2025-10-29T13:50:29.298269Z","last_seen":"2026-03-22T11:49:55.685335Z","times_seen":6,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/socicon.woff","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/socicon.woff HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncontent-type: font/woff\r\ncontent-length: 100196\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-18764\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16218,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 100196, version 1.1","md5":"404c2460687cd601de7b0bcd048ed6d9","sha1":"3a0399d6b8904c1d2d9bc6950861468c5f9d20a7","sha256":"d36a6ebf104049f44f167a15e316cb9084b7b2e4b61c4e45c8a7f75499c87337","sha512":"365ac7d622a4e708b4e19d08790eadf09ae805fda3bab8e0ee467c4937431684cf15d34660a4ea8871620bbac4a76a9106b1ba4351aef43425c786cfb8005312","ssdeep":"192:7y0lCEnJ4YsvV2izyKzvwIdyU70kFwgDt52OIhwjVysCgxbKbxR+hOHlKJwdsK0U:3lPJ892+yKzNdr70kag5FbVbLcVAfKaM","tlshash":"2b72d60b276aeb1e906651e34c02a4138dc7e301833be6a6d2dede4851056f49d7dafe","first_seen":"2025-12-20T07:28:33.060869Z","last_seen":"2025-12-24T21:58:52.16276Z","times_seen":2,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":246,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/theme-main-1.1.3.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/theme-main-1.1.3.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-1cae8\"\r\nexpires: Thu, 25 Dec 2025 09:58:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":117480,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (732)","md5":"d0a4610fc379b72980a7056af14b9509","sha1":"4e01d91fdae9dc7eadb35d81860127eaab0c1655","sha256":"59e910dd5b960ce25d16f1aec7bdc130388ad3d70dabd90e87635e58eae50903","sha512":"3b32cb8f818f101bf330b9beaab9c844934e213213bd3d03940890d0fa615bb07fb48449efe531e809e971f760be95771a15f375b498bfcf2d3da85c095600c2","ssdeep":"768:6aA58Y22JZEpeNqVxL5RkwDQd+wTUCAJRvaWzovqQBf2eG:xYtZEpaqPTPwZru","tlshash":"13b3d738ed50213cb627d59b7ac0969dfaa8d003e1764abdba157615c7cb5eb00bf304","first_seen":"2025-12-20T07:28:33.036649Z","last_seen":"2026-01-05T15:56:37.503593Z","times_seen":3,"resource_available":false,"data":null}},"time_used":487,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":487,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/theme-plugins-1.1.3.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/theme-plugins-1.1.3.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-9aa9\"\r\nexpires: Thu, 25 Dec 2025 09:58:32 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39593,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (25464)","md5":"18c7ea6fb080ef81443c120744d2d7f9","sha1":"c78b2aa574d070d487083ef689a7c01b2b8f7975","sha256":"ef6e13957e6ae0c7811a8700722957c9ff7773d674405aa4e0ea8681b07017ab","sha512":"eeb457462d14acf3af764ed7706d92c91e5e5c8c86c5f68358ccb42e11ceb9aa0e856a2bdf69929af3c6e05c43081054cff9df29d255dece06c2cf751e0b5ce4","ssdeep":"384:aM1vWMqleliYIWQEe4HlSKfGYkN7rv1dUJVqU4Z4B+28061XNDUn+kGAcKpoBfCn:2leliYIWQELmvyVq4dL61ZhAppoBfCwq","tlshash":"8b03a5d70944362c86238f1593cd884ca63dd693aa225eeb7289b45a83c57d431ff7cb","first_seen":"2025-10-01T09:16:29.319155Z","last_seen":"2026-03-22T11:49:55.731494Z","times_seen":8,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613509; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:32 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tW60weJw70Ak0oNBmgpNww2Zk1K7HFHdSGG4Sx%2BUE88FBio6eC0tJiAT8JxIw%2FxTQMlFvWqUBInlEixFWpGkXEjHgnz%2FxjnH8PdnGnwz7%2BWUs14Rcg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncf-ray: 9b335c523be15ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T10:01:44.075126Z","times_seen":293819,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/socicon.ttf","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/socicon.ttf HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 100120\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-18718\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16209,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\"","md5":"32eb61f4ac815f9eb9dc0a24c954ce06","sha1":"b92816b40b1e64e00d0897d5f5cac7323df2f7d3","sha256":"41d9662b59f0de5ef0c613f569bf21cb710ab13de227f4e05c5ba3b0ebb2e0bc","sha512":"ffa93630ee131b583c44ab7ee20122c86cc3d7ecc8522e0927b9f25891c388be5109f44a41e1ec9e9725f9e38afb2c830b77805d942296ecddf40c0e5fe1bde6","ssdeep":"192:SlCEnJ4YsvV2izyKzvwIdyU70kFwgDt52OIhwjVysCgxbKbxR+hOHlKJwdsK0Piq:SlPJ892+yKzNdr70kag5FbVbLcVAfKaj","tlshash":"7c72c60b276aeb1e906651e34c02a4138dc7e301833be6a6d3dede4861155f49c7dafe","first_seen":"2025-12-20T07:28:33.050376Z","last_seen":"2025-12-24T21:58:52.157174Z","times_seen":2,"resource_available":false,"data":null}},"time_used":505,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":503,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/theme-plugins-1.1.3.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/theme-plugins-1.1.3.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-9aa9\"\r\nexpires: Thu, 25 Dec 2025 09:58:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39593,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (25464)","md5":"18c7ea6fb080ef81443c120744d2d7f9","sha1":"c78b2aa574d070d487083ef689a7c01b2b8f7975","sha256":"ef6e13957e6ae0c7811a8700722957c9ff7773d674405aa4e0ea8681b07017ab","sha512":"eeb457462d14acf3af764ed7706d92c91e5e5c8c86c5f68358ccb42e11ceb9aa0e856a2bdf69929af3c6e05c43081054cff9df29d255dece06c2cf751e0b5ce4","ssdeep":"384:aM1vWMqleliYIWQEe4HlSKfGYkN7rv1dUJVqU4Z4B+28061XNDUn+kGAcKpoBfCn:2leliYIWQELmvyVq4dL61ZhAppoBfCwq","tlshash":"8b03a5d70944362c86238f1593cd884ca63dd693aa225eeb7289b45a83c57d431ff7cb","first_seen":"2025-10-01T09:16:29.319155Z","last_seen":"2026-03-22T11:49:55.731494Z","times_seen":8,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-192x192.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-192x192.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3016\r\nlast-modified: Mon, 03 Nov 2025 02:33:38 GMT\r\netag: \"69081482-bc8\"\r\nexpires: Thu, 24 Dec 2026 21:58:28 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3016,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7765727f3e3821d3e6e1431d4b4708e2","sha1":"fa35ca36ac7352c0505444e34f853c3e024ebb23","sha256":"b5ad7a0c1dd1c4f834762167cf1916ec106579cd953d91dcff03331788d06a1f","sha512":"0d8d20dee002c39f4ef83abadd0b06b3d76eb2f6c870c2d0608766f91e47b4f9ccc2b4416c476a54386a4866b6f5474bc2eda7ff4f666300950970537ec81ae1","ssdeep":"","tlshash":"d2514a02b20b7cba894698d672cf0e17066f9be0508562c4db2e22bd0b76088fdc4768","first_seen":"2025-10-29T13:50:29.289202Z","last_seen":"2026-03-22T11:49:55.728698Z","times_seen":6,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-32x32.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:19.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/cropped-1752810663-aigcsoft_icon-1-32x32.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 562\r\nlast-modified: Mon, 03 Nov 2025 02:33:38 GMT\r\netag: \"69081482-232\"\r\nexpires: Thu, 24 Dec 2026 21:58:19 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":562,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a59182f675a7e025695c9d0e099dce66","sha1":"3c61a5618341793b0af0cd3b038a36ff110cfd01","sha256":"71f1620efe55801bc4796da9c846e4b03c1d1f297bdf887732b732048c86fae5","sha512":"9855423706c371365ec07b5b3f87d0b5911483fdb3a7141bc9e4c987ddc22759e1db42e0064670525d3a1a918898fb77852a7a1134ac07b1f00b57a7a1ad0a9d","ssdeep":"","tlshash":"a2f026c85bd98da0bc014e3b74479e5d3c07a59d55a0f793c40860e565354865bf9fc4","first_seen":"2025-10-29T13:50:29.301014Z","last_seen":"2026-03-22T11:49:55.738593Z","times_seen":6,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/svg_text_example-1.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/svg_text_example-1.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4044\r\nlast-modified: Mon, 03 Nov 2025 02:33:37 GMT\r\netag: \"69081481-fcc\"\r\nexpires: Thu, 24 Dec 2026 21:58:28 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4044,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a7f36d7e6fe4b37b9644beb4a6d58a90","sha1":"d4bb583da6b28a0f6bc70be526872416a4ed4acc","sha256":"25392e261de2f11d4f4edd9d5db14f28bd819c09052eceab1fddb0c0f97451fd","sha512":"241ae9883b38200d5e8c1ab7ef5f47dc2d68265db9838450c5a53f16d623ded2f83659d15c1687ab4a1ace9030f2ec2055c1f8f3fcc6601ae3b7e95ccce2caa7","ssdeep":"","tlshash":"68818f5221611f73cf4cd22a578013f79b06d6bc35e62eaab3a031d78186638b4b47c5","first_seen":"2025-10-29T13:50:29.29232Z","last_seen":"2026-03-22T11:49:55.680452Z","times_seen":6,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2143%2C2143\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=151555246\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026v=1.3.2\u0026lv=1\u0026sn=52041\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2143%2C2143\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=151555246\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026v=1.3.2\u0026lv=1\u0026sn=52041\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:23 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=049D61151E4C965A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-main-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/theme-main-1.1.3.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-857d\"\r\nexpires: Thu, 25 Dec 2025 09:58:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34173,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2e7e831ad18cb087126df11cfbcf50ce","sha1":"d1234fee2361ab14e80187aa09d47ffa0a967e92","sha256":"a505eaa9662755053e86b75135a4ba3a9441003caac80ce29242c9810011381d","sha512":"0cf3e4cb5a2e014350e1b86e19493d6535c99b25c7c5672554c000d96d56cdbb7408d9059014672cbce73b4f93fa182d5cdd958c9e0ea7531248ef90ba1af08c","ssdeep":"384:bHf1gZB8+4WOsxLEjBCoigtzztO3w4OBm8zX4EFz44VHRSjQyIntg2M/yu3uEJH1:wB84EyH8XNRSjQE3zJYoRJP/WDRk","tlshash":"9be2e614ff3d24ab80baf0da18af25cefa3d5173bd4208a5ecad44941bc085d764d9a7","first_seen":"2025-12-20T07:28:33.039635Z","last_seen":"2026-03-22T11:49:55.735942Z","times_seen":5,"resource_available":true,"data":null}},"time_used":443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/jquery.qrcode.min.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/jquery.qrcode.min.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-36ab\"\r\nexpires: Thu, 25 Dec 2025 09:58:32 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13995,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (544)","md5":"05f0b1d7d4b9b0b4975870606d650e3c","sha1":"f424bd339870510d1160d1c5da5d698aedbb452e","sha256":"f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d","sha512":"34551c0e59b857e6b6b233d7ee04442178024858daf5c1ed28f38bd738fa4219c4d2f718ebde4c3837a1aa46866132f22f6c317bfc2daf8678f52bea5ead7651","ssdeep":"384:ILEsd9QYYAA1TRjjrlqgbHH/sgDZUnEbBIg4:wIFbVg","tlshash":"b452c8d1f39142b7b1466cd9681f289e98e8a4a3ac14955cbfb8c0e2e674fd16478f30","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-06T07:56:20.545163Z","times_seen":3607,"resource_available":true,"data":null}},"time_used":467,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":467,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613501; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:23 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f3T2jY9hF6z31rhHFTBG%2FEnUhgFcHa3bQFzT0BC5ATQHFA3D634%2Fwn8xWOplGZVrKjLlDPesS%2FeJC677%2Bb6lq1QC5AzDa0h5vW57Evf69k4qSUQZzw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncf-ray: 9b335c19edcd5ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/theme-plugins-1.1.3.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:27.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/theme-plugins-1.1.3.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-9aa9\"\r\nexpires: Thu, 25 Dec 2025 09:58:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":39593,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (25464)","md5":"18c7ea6fb080ef81443c120744d2d7f9","sha1":"c78b2aa574d070d487083ef689a7c01b2b8f7975","sha256":"ef6e13957e6ae0c7811a8700722957c9ff7773d674405aa4e0ea8681b07017ab","sha512":"eeb457462d14acf3af764ed7706d92c91e5e5c8c86c5f68358ccb42e11ceb9aa0e856a2bdf69929af3c6e05c43081054cff9df29d255dece06c2cf751e0b5ce4","ssdeep":"384:aM1vWMqleliYIWQEe4HlSKfGYkN7rv1dUJVqU4Z4B+28061XNDUn+kGAcKpoBfCn:2leliYIWQELmvyVq4dL61ZhAppoBfCwq","tlshash":"8b03a5d70944362c86238f1593cd884ca63dd693aa225eeb7289b45a83c57d431ff7cb","first_seen":"2025-10-01T09:16:29.319155Z","last_seen":"2026-03-22T11:49:55.731494Z","times_seen":8,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/theme-main-1.1.3.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:27.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/theme-main-1.1.3.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-1cae8\"\r\nexpires: Thu, 25 Dec 2025 09:58:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117480,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (732)","md5":"d0a4610fc379b72980a7056af14b9509","sha1":"4e01d91fdae9dc7eadb35d81860127eaab0c1655","sha256":"59e910dd5b960ce25d16f1aec7bdc130388ad3d70dabd90e87635e58eae50903","sha512":"3b32cb8f818f101bf330b9beaab9c844934e213213bd3d03940890d0fa615bb07fb48449efe531e809e971f760be95771a15f375b498bfcf2d3da85c095600c2","ssdeep":"768:6aA58Y22JZEpeNqVxL5RkwDQd+wTUCAJRvaWzovqQBf2eG:xYtZEpaqPTPwZru","tlshash":"13b3d738ed50213cb627d59b7ac0969dfaa8d003e1764abdba157615c7cb5eb00bf304","first_seen":"2025-12-20T07:28:33.036649Z","last_seen":"2026-01-05T15:56:37.503593Z","times_seen":3,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=2822E40DF4CBF9F5\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2504%2C2503\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=414955135\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52049\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:33.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=2822E40DF4CBF9F5\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2504%2C2503\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=414955135\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52049\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:34 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=0CCB47F15CEAC9D1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/jquery.qrcode.min.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/jquery.qrcode.min.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-36ab\"\r\nexpires: Thu, 25 Dec 2025 09:58:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13995,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (544)","md5":"05f0b1d7d4b9b0b4975870606d650e3c","sha1":"f424bd339870510d1160d1c5da5d698aedbb452e","sha256":"f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d","sha512":"34551c0e59b857e6b6b233d7ee04442178024858daf5c1ed28f38bd738fa4219c4d2f718ebde4c3837a1aa46866132f22f6c317bfc2daf8678f52bea5ead7651","ssdeep":"384:ILEsd9QYYAA1TRjjrlqgbHH/sgDZUnEbBIg4:wIFbVg","tlshash":"b452c8d1f39142b7b1466cd9681f289e98e8a4a3ac14955cbfb8c0e2e674fd16478f30","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-06T07:56:20.545163Z","times_seen":3607,"resource_available":true,"data":null}},"time_used":444,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":444,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/theme-plugins-1.1.3.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-39c22\"\r\nexpires: Thu, 25 Dec 2025 09:58:28 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":236578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42862)","md5":"3e59d67b0ba8b2b3bd96468da87bf850","sha1":"77f8fa85ea1c19fe9dbb9ca308e519fc94c4ad9b","sha256":"80d5cdf7cce5b31f8812a9df4e972c943d7677674b26360aa5ad9b2eb73b88b6","sha512":"fe0aea01afd7783f89eb8c9ce83e99ce54cdd51088f0484f200d65f1321a4f1e41915a4644588cb878052921564ac53e631ad9e556eac24f0fe2c713a6590912","ssdeep":"6144:jNieePiOow3ApC1j2b1dimpqoqslIfpr1abkKJypN:jNie+iOVh23NQ2ypN","tlshash":"8d3438567340367241e751ca50178105f372ba69b406c0ac72bdced62f9e98a60fffba","first_seen":"2025-10-25T15:53:30.344193Z","last_seen":"2026-03-22T11:49:55.741309Z","times_seen":7,"resource_available":true,"data":null}},"time_used":442,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":442,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/tool-img/screenshot_a9a4dcd1cad123731fcf500cb0546ef1.jpg","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/tool-img/screenshot_a9a4dcd1cad123731fcf500cb0546ef1.jpg HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 62084\r\nlast-modified: Mon, 03 Nov 2025 02:23:32 GMT\r\netag: \"69081224-f284\"\r\nexpires: Thu, 24 Dec 2026 21:58:32 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62084,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x853, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ca733a117d9d35745ffc976739b1dc35","sha1":"547849ca4246bb8a90506f49ba9647125f82eeb6","sha256":"f4de89855c60d9b39a2c8de93ed284a3f9e38bcd942b84ae8ce950dd7f4538d3","sha512":"b8fb64c3700c4597264650d372756296e92809213fe00879922e94e20446e39fbfe30267a703487385096d3ac8ff563b33d9a1f1434ee3f405c743da97bc8cf2","ssdeep":"1536:A05qWuOlx+PqtF5nscVOEmMPccKd2kcbBslPDn4+aF:X5BLPdnssOEMXROKl7xU","tlshash":"5b5301507d71fc77799f12117281f8a5cc934d86b24e8af701ab3a2dd7d36a40b24a07","first_seen":"2025-12-24T21:58:52.151813Z","last_seen":"2025-12-24T21:58:52.151813Z","times_seen":1,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":461,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.woff?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:33.061Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.woff?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:33 GMT\r\ncontent-type: font/woff\r\ncontent-length: 239380\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-3a714\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16218,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 239380, version 1.0","md5":"a08e9d0aa3e69dc1c03ea8e7da92af42","sha1":"2dc216af27448f9519761fd705a9e9987ac3ab46","sha256":"9504ba31fc8762e991374f7bf1a95cfccf5862179707501b94c9747b286e101e","sha512":"c62faea225f808ab2e33dba8b8a7cd9d857587131882cf36a477a6588a6fd2c200f3308c14c7fecc26d04909e990463f2de5713e49f85e2766dd577c0ad3fd95","ssdeep":"384:nwFirXX2hG/dAjLcy2F8+ld2iNJoUL0F5i2Ln1IwJd:wFOHn1md2PGiNJoZXn1n","tlshash":"53729eb59965a7c5e28fcca03f6add3174172a678d2989c450d3e6c031f6dd04ee0ca7","first_seen":"2025-12-20T07:28:33.056425Z","last_seen":"2025-12-24T21:58:52.181544Z","times_seen":2,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":247,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:16.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:16 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hqLRbD%2F5TAj0UpG83Equy3MCaEBJZv6yqz9q2FKTX4Zh7gpFNaMgjsS3jH%2FeP51CyVAJFJr%2FZXCz%2Bir3EGEBcoKB%2Fj9Vf7En34v9OkKsINUkpSrNWw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:16 GMT\r\ncf-ray: 9b335bf11f5c5ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T10:01:44.075126Z","times_seen":293819,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/jquery.qrcode.min.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/jquery.qrcode.min.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-36ab\"\r\nexpires: Thu, 25 Dec 2025 09:58:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13995,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (544)","md5":"05f0b1d7d4b9b0b4975870606d650e3c","sha1":"f424bd339870510d1160d1c5da5d698aedbb452e","sha256":"f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d","sha512":"34551c0e59b857e6b6b233d7ee04442178024858daf5c1ed28f38bd738fa4219c4d2f718ebde4c3837a1aa46866132f22f6c317bfc2daf8678f52bea5ead7651","ssdeep":"384:ILEsd9QYYAA1TRjjrlqgbHH/sgDZUnEbBIg4:wIFbVg","tlshash":"b452c8d1f39142b7b1466cd9681f289e98e8a4a3ac14955cbfb8c0e2e674fd16478f30","first_seen":"2023-03-07T01:15:08Z","last_seen":"2026-04-06T07:56:20.545163Z","times_seen":3607,"resource_available":true,"data":null}},"time_used":406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":406,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.woff?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:28.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.woff?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:28 GMT\r\ncontent-type: font/woff\r\ncontent-length: 239380\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-3a714\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98304,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 239380, version 1.0","md5":"caa2a594e8fbbbda54a4367b97e806ca","sha1":"1a86691a71c2a11ce4f2f669dc7659bf418eb813","sha256":"c0b0fc3e6e4d7fc394018bc414ecc585e23db4350f59d22d54a5d3a9292d18b7","sha512":"99000b7276543e3d16ee8e327346b17c8039cdeb0c168592204bf92f186a178ea15dbe788e481b44c56d2c319bcfd7d3208a81ec20b647492d4dcb14700be84d","ssdeep":"1536:wFrdPiNuZXndTr3tNLn7yvbAWnx53TleYyDavQStVvDSAjZmYYGmwi7Uw0KGAQuo:IiNOrdNL7GTxeYya1tJjZmY9vOUdKiom","tlshash":"53a312f550a29ee8a24eca612eb3dd316c9e380de80915f4ded2f51125f6ce54c7a093","first_seen":"2025-12-24T21:58:52.18321Z","last_seen":"2025-12-24T21:58:52.18321Z","times_seen":1,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":247,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613509; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:32 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3ad05ceR1UNt1BKTmxac%2FJ9tem44wokMAnxjCc1no3X4bHCaWYtX44Ys00MUEuyoY6co5t9pJhG8pj8L%2F%2F80T7hgFnnZD90DgVyOHWTw6zd4XDC2Ew%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncf-ray: 9b335c523be05ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.woff?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.woff?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:19 GMT\r\ncontent-type: font/woff\r\ncontent-length: 239380\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-3a714\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16218,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 239380, version 1.0","md5":"a08e9d0aa3e69dc1c03ea8e7da92af42","sha1":"2dc216af27448f9519761fd705a9e9987ac3ab46","sha256":"9504ba31fc8762e991374f7bf1a95cfccf5862179707501b94c9747b286e101e","sha512":"c62faea225f808ab2e33dba8b8a7cd9d857587131882cf36a477a6588a6fd2c200f3308c14c7fecc26d04909e990463f2de5713e49f85e2766dd577c0ad3fd95","ssdeep":"384:nwFirXX2hG/dAjLcy2F8+ld2iNJoUL0F5i2Ln1IwJd:wFOHn1md2PGiNJoZXn1n","tlshash":"53729eb59965a7c5e28fcca03f6add3174172a678d2989c450d3e6c031f6dd04ee0ca7","first_seen":"2025-12-20T07:28:33.056425Z","last_seen":"2025-12-24T21:58:52.181544Z","times_seen":2,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":246,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/rum?","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:33.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1055\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613509; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1055,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"https://promarkia.tchepai.com/\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":916,\"startTime\":1766613511431,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"dd7212e9-9e50-4a6c-8e08-6bc267594be7\",\"location\":\"https://promarkia.tchepai.com/\",\"nt\":\"navigate\",\"timingsV2\":{\"unloadEventStart\":550,\"unloadEventEnd\":554,\"domInteractive\":882,\"domContentLoadedEventStart\":972,\"domContentLoadedEventEnd\":974,\"domComplete\":2135,\"loadEventStart\":2135,\"loadEventEnd\":2138,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h3\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":1,\"domainLookupStart\":1,\"domainLookupEnd\":1,\"connectStart\":1,\"connectEnd\":1,\"secureConnectionStart\":1,\"requestStart\":14,\"responseStart\":541,\"responseEnd\":541,\"transferSize\":14802,\"encodedBodySize\":14024,\"decodedBodySize\":61212,\"name\":\"https://promarkia.tchepai.com/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":2138},\"siteToken\":\"92deb57dede945b8a4cf3d9a4d6c7549\",\"st\":2}"}},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://promarkia.tchepai.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TAJV9X4sPuZVYyQp%2BSqiSmYLd4yLgVQeH7YVIbjJqxr8L1FXxaZ5EhpsCTVpUAm72VLCJHfvIVuVoN5oHhWFxSTKjf0oNqe4NIanVh83nCahqmpdQQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Wed, 24 Dec 2025 21:58:33 GMT\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9b335c5d0d2a5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":2,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/js/theme-main-1.1.3.js","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/js/theme-main-1.1.3.js HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-857d\"\r\nexpires: Thu, 25 Dec 2025 09:58:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34173,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2e7e831ad18cb087126df11cfbcf50ce","sha1":"d1234fee2361ab14e80187aa09d47ffa0a967e92","sha256":"a505eaa9662755053e86b75135a4ba3a9441003caac80ce29242c9810011381d","sha512":"0cf3e4cb5a2e014350e1b86e19493d6535c99b25c7c5672554c000d96d56cdbb7408d9059014672cbce73b4f93fa182d5cdd958c9e0ea7531248ef90ba1af08c","ssdeep":"384:bHf1gZB8+4WOsxLEjBCoigtzztO3w4OBm8zX4EFz44VHRSjQyIntg2M/yu3uEJH1:wB84EyH8XNRSjQE3zJYoRJP/WDRk","tlshash":"9be2e614ff3d24ab80baf0da18af25cefa3d5173bd4208a5ecad44941bc085d764d9a7","first_seen":"2025-12-20T07:28:33.039635Z","last_seen":"2026-03-22T11:49:55.735942Z","times_seen":5,"resource_available":true,"data":null}},"time_used":406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":406,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T21:58:21.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: multipart/form-data; boundary=---------------------------28932000323335196821542383864\r\nContent-Length: 174\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613501; HMACCOUNT=B41F89B426AA4740\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":174,"data":"-----------------------------28932000323335196821542383864\r\nContent-Disposition: form-data; name=\"field_2\"\r\n\r\n\r\n-----------------------------28932000323335196821542383864--\r\n"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:22 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nserver-timing: wp-before-template;dur=128.78, cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=6,cfOrigin;dur=1034, cfExtPri\r\nstrict-transport-security: max-age=31536000\r\npriority: u=1,i=?0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BJ5wr6pGqn1ye7ZVqt9m%2BnCB%2BQBebJgRLzU%2Beuo%2Bla%2B%2BW1JZ596JI1U95yo%2FoGwaTa6rdY5Ssdaq9JSJjSoVzPtGccPWXqQopRU7QbSrWR%2Bo%2FQVeaA%3D%3D\"}]}\r\ncf-ray: 9b335c12fc795ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Image Placeholders:1.2.0","description":"Performance plugin from the WordPress Performance Team, which determines and stores the dominant color for newly uploaded images in the media library, then uses that as a placeholder background during front end image loads.","website":"https://wordpress.org/plugins/dominant-color-images/","common_platform_enumeration":"","icon":"dominant-color-images.svg","categories":["WordPress plugins","Performance"]},{"name":"Web Worker Offloading:0.2.0","description":"Performance plugin from the WordPress Performance Team, which offloads JavaScript execution to a Web Worker, improving performance by freeing up the main thread.","website":"https://wordpress.org/plugins/web-worker-offloading/","common_platform_enumeration":"","icon":"web-worker-offloading.svg","categories":["WordPress plugins","Performance"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Performance Lab:4.0.0","description":"Performance plugin from the WordPress Performance Team, which is a collection of standalone performance modules.","website":"https://wordpress.org/plugins/performance-lab/","common_platform_enumeration":"","icon":"Performance Lab.svg","categories":["WordPress plugins","Performance"]},{"name":"Performant Translations:1.2.0","description":"Performance plugin from the WordPress Performance Team, which makes internationalization/localization in WordPress faster than ever before.","website":"https://wordpress.org/plugins/performant-translations/","common_platform_enumeration":"","icon":"performant-translations.svg","categories":["WordPress plugins","Performance"]},{"name":"Optimization Detective:1.0.0","description":"Performance plugin from the WordPress Performance Team, which captures real user metrics about what elements are displayed on the page across a variety of device form factors (e.g. desktop, tablet, and phone) in order to apply loading optimizations.","website":"https://wordpress.org/plugins/optimization-detective/","common_platform_enumeration":"","icon":"optimization-detective.svg","categories":["WordPress plugins","Performance"]},{"name":"Enhanced Responsive Images:1.7.0","description":"Performance plugin from the WordPress Performance Team, which improves image sizes attribute accuracy and implements the HTML spec for adding sizes='auto' to lazy loaded images.","website":"https://wordpress.org/plugins/auto-sizes/","common_platform_enumeration":"","icon":"enhanced-image-sizes.svg","categories":["WordPress plugins","Performance"]},{"name":"Speculative Loading:1.6.0","description":"Performance plugin from the WordPress Performance Team, which adds support for the Speculation Rules API, by which certain URLs are dynamically prefetched or prerendered based on user interaction.","website":"https://wordpress.org/plugins/speculation-rules/","common_platform_enumeration":"","icon":"speculation-rules.svg","categories":["WordPress plugins","Performance"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Embed Optimizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes embeds by lazy loading them only as they come into view.","website":"https://wordpress.org/plugins/embed-optimizer/","common_platform_enumeration":"","icon":"embed-optimizer.svg","categories":["WordPress plugins","Performance"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Image Prioritizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes the loading of images which are the LCP (Largest Contentful Paint) element, including both img elements and elements with CSS background images.","website":"https://wordpress.org/plugins/image-prioritizer/","common_platform_enumeration":"","icon":"image-prioritizer.svg","categories":["WordPress plugins","Performance"]}],"data":{"size":61212,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"0164ae35ffa9bf4a4038d7e94da10d68","sha1":"9aa14f66dc346a2880523f3346bf57f1c73c7c1a","sha256":"a3181bad145834a1d92d52b4ff9fbe96c1e0e22623456477d0da6edecb54c42f","sha512":"cc178bda20f06fcc5ada7e2f0e1b47b2034b79c07dfe9505278ac1ddafa9044b3b7992ba6920f520921b7a0aa3b9716c93acbce61f6bac77dd3eca20ca6e1076","ssdeep":"1536:uiypHdQeoJStwnoDzFhOeqt1N7AfPevn1SCNx1dRjhZt:ub9xoJStwnoD3OeQ1N8fW1SCNlthL","tlshash":"b55387b1d48d507b021b57e54530b72df2935a3bcf225a62b3fa93acc748f9684a310e","first_seen":"2025-12-24T21:58:52.184645Z","last_seen":"2025-12-24T21:58:52.184645Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1049,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1048,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.ttf?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:24.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.ttf?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:24 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 563252\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-89834\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16209,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"GSUB\"","md5":"eb0489bd93d5f4d5f206b342c3837496","sha1":"969c5fc7ea62eda60870c3a7e9b138903de01f74","sha256":"8e6cc534e23123e5a06e7de297ad4ed5a480e09098e2c3ed824c789474b65fc8","sha512":"781a36c17578c6932b029b72f69a17881c88851653a850eb08d8f820c7e247e9394924b29cee7dcf6bcfb54b69bb393090364443e7518f0e740b76e7473ca7ac","ssdeep":"48:zUkBL2HHuxl8BgY8HF0CEVEAF373XVnE22n4nIwn0fyjA33nn5H:zUkBLWOj5rWCI/VrlE2W4/0Ks35","tlshash":"6c722a529363ff92c1f90432367a9f3a6d28f50061a55a26fe0296e5c8a6770bc05cd3","first_seen":"2025-12-20T07:28:33.063544Z","last_seen":"2025-12-24T21:58:52.143593Z","times_seen":2,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":249,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=1850102930\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52045\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026tt=Promarkia-AI%E6%99%BA%E8%83%BD%E8%90%A5%E9%94%80%E5%86%85%E5%AE%B9%E7%94%9F%E6%88%90%E5%B9%B3%E5%8F%B0%EF%BC%8C%E4%B8%80%E9%94%AE%E5%88%9B%E5%BB%BA%E5%9B%BE%E7%89%87%E8%A7%86%E9%A2%91%E5%8D%9A%E5%AE%A2","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:25.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=B41F89B426AA4740\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=1850102930\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52045\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026tt=Promarkia-AI%E6%99%BA%E8%83%BD%E8%90%A5%E9%94%80%E5%86%85%E5%AE%B9%E7%94%9F%E6%88%90%E5%B9%B3%E5%8F%B0%EF%BC%8C%E4%B8%80%E9%94%AE%E5%88%9B%E5%BB%BA%E5%9B%BE%E7%89%87%E8%A7%86%E9%A2%91%E5%8D%9A%E5%AE%A2 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:26 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=7700BF063F31A7AE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":1062,"timings":{"blocked":0,"dns":1,"connect":248,"send":0,"wait":309,"receive":0,"ssl":504},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:27.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613505; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:27 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fUfPjYiTsf2TFGOnGbLokb4EowNcxjVFn%2Bs8nwrF0TaLnuuXhQwWB%2BRIqssqF0HY34wahPkj8NYucovFrgpPzTQaj6YZ6SlqKIDQgomuBz%2BZ2XHbXQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:27 GMT\r\ncf-ray: 9b335c37c8005ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-06T10:01:44.075126Z","times_seen":293819,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:16.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 24 Dec 2025 21:58:16 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9b335bf13f66b4f3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-06T09:59:39.016388Z","times_seen":330593,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":8,"dns":0,"connect":1,"send":0,"wait":12,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/tool-img/screenshot_a9a4dcd1cad123731fcf500cb0546ef1.jpg","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/tool-img/screenshot_a9a4dcd1cad123731fcf500cb0546ef1.jpg HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncontent-type: image/webp\r\ncontent-length: 62084\r\nlast-modified: Mon, 03 Nov 2025 02:23:32 GMT\r\netag: \"69081224-f284\"\r\nexpires: Thu, 24 Dec 2026 21:58:18 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62084,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x853, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ca733a117d9d35745ffc976739b1dc35","sha1":"547849ca4246bb8a90506f49ba9647125f82eeb6","sha256":"f4de89855c60d9b39a2c8de93ed284a3f9e38bcd942b84ae8ce950dd7f4538d3","sha512":"b8fb64c3700c4597264650d372756296e92809213fe00879922e94e20446e39fbfe30267a703487385096d3ac8ff563b33d9a1f1434ee3f405c743da97bc8cf2","ssdeep":"1536:A05qWuOlx+PqtF5nscVOEmMPccKd2kcbBslPDn4+aF:X5BLPdnssOEMXROKl7xU","tlshash":"5b5301507d71fc77799f12117281f8a5cc934d86b24e8af701ab3a2dd7d36a40b24a07","first_seen":"2025-12-24T21:58:52.151813Z","last_seen":"2025-12-24T21:58:52.151813Z","times_seen":1,"resource_available":false,"data":null}},"time_used":686,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":438,"receive":248,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 28 Aug 2023 09:14:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ec6570-15601\"\r\nexpires: Thu, 25 Dec 2025 09:58:18 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"resource_available":true,"data":null}},"time_used":402,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":402,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/remixicon-4.5.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/remixicon-4.5.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-1f79e\"\r\nexpires: Thu, 25 Dec 2025 09:58:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":128926,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65345)","md5":"cbb4de68302eb819a31e88b9ba841145","sha1":"8c4ded6c5a64fc3afbd0d3c7bc2bcbb03309ae7a","sha256":"cfe789bede6ffea11f81d969f872950c1ef17a48ffde37edcd1c852d904695d9","sha512":"f5a6ec4098a6469f622ad09f5c6180a7d735ac851959718d2122b9cb9ade3695779a7d027f920935a22f9436a35878bcb90b3969cb84cc97da64d87464610d83","ssdeep":"1536:Zpc+QAP3ILxAjujj/mZjblpU0UvDfFawWgUipUwRET5yZ03fIJsP322H3a37VMr6:ZT3uxx/KPbdwRDnK5u","tlshash":"9dc305fde24d44d13732c886eb75b78a60e9fabad5815c55f81b500daec36a102c4ebc","first_seen":"2025-10-01T09:16:29.300085Z","last_seen":"2026-04-02T19:56:53.393581Z","times_seen":9,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 28 Aug 2023 09:14:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64ec6570-15601\"\r\nexpires: Thu, 25 Dec 2025 09:58:23 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"resource_available":true,"data":null}},"time_used":704,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":704,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.woff?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:24.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.woff?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:24 GMT\r\ncontent-type: font/woff\r\ncontent-length: 239380\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-3a714\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16218,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 239380, version 1.0","md5":"a08e9d0aa3e69dc1c03ea8e7da92af42","sha1":"2dc216af27448f9519761fd705a9e9987ac3ab46","sha256":"9504ba31fc8762e991374f7bf1a95cfccf5862179707501b94c9747b286e101e","sha512":"c62faea225f808ab2e33dba8b8a7cd9d857587131882cf36a477a6588a6fd2c200f3308c14c7fecc26d04909e990463f2de5713e49f85e2766dd577c0ad3fd95","ssdeep":"384:nwFirXX2hG/dAjLcy2F8+ld2iNJoUL0F5i2Ln1IwJd:wFOHn1md2PGiNJoZXn1n","tlshash":"53729eb59965a7c5e28fcca03f6add3174172a678d2989c450d3e6c031f6dd04ee0ca7","first_seen":"2025-12-20T07:28:33.056425Z","last_seen":"2025-12-24T21:58:52.181544Z","times_seen":2,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Wed, 24 Dec 2025 22:46:18 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fP7xonDLtwc9NfDlvtzqCjqU8RNI2vvIG8aqtkTALonN40oc6ys4lRs515tAx5oVCwIkYdoXHRZPGMdg90A%2B89eRHDMexo%2BEYNboUuUUdZbXg69cOw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncf-ray: 9b335bfb684f5ebd-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-06T10:01:17.366505Z","times_seen":94910,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/05/bg3.jpg?orientation=landscape\u0026width=1920\u0026height=850","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:23.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/05/bg3.jpg?orientation=landscape\u0026width=1920\u0026height=850 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:23 GMT\r\ncontent-type: image/webp\r\ncontent-length: 23682\r\nlast-modified: Mon, 03 Nov 2025 02:35:56 GMT\r\netag: \"6908150c-5c82\"\r\nexpires: Thu, 24 Dec 2026 21:58:23 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23682,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x850, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"474ef9ffb3d7631a7f573e747b065667","sha1":"2a9a9c059559ca3a97c870a05fa287ea18613f06","sha256":"fe33c5ccf2eed97bf1dd4f55bca0b138a6492c822541f1856c5acce7ad48d893","sha512":"973137a1bfef726c530f0657b5746c73ee637358b8bb3c7aaa3da163e73d5cc58061bea05a3bbdfea82d5a98b498baf6cd80e6f2af04acf5a189529448f13ea4","ssdeep":"384:XL36AO1qPsnZSi7f1Gf4BYYS9XJd347ZiP8YsVyOfpQGVm:rFSqPsnbT12+YTdTo7ZikYWTVm","tlshash":"afb2df2f4b886ce5ed6f05f325b00110541369732eeb9bd8095576e0abb05472e39df7","first_seen":"2025-10-29T13:50:29.298269Z","last_seen":"2026-03-22T11:49:55.685335Z","times_seen":6,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T21:58:31.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: multipart/form-data; boundary=---------------------------29766983073058192414712788263\r\nContent-Length: 174\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613509; HMACCOUNT=B41F89B426AA4740\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":174,"data":"-----------------------------29766983073058192414712788263\r\nContent-Disposition: form-data; name=\"field_2\"\r\n\r\n\r\n-----------------------------29766983073058192414712788263--\r\n"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nserver-timing: wp-before-template;dur=148.17, cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=2,cfOrigin;dur=518, cfExtPri\r\nstrict-transport-security: max-age=31536000\r\npriority: u=1,i=?0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y2mitDOy9%2F2UUFYaJ3tk0NPFwl1ampUZ5QJ26EKczokhOFFBvc1XYMlikV4%2F882VEPJ%2FfXyvvHO4jMIFfHBm2vqkK4JZNnhWzu82riMTzbzItQuR6w%3D%3D\"}]}\r\ncf-ray: 9b335c4e8b7f5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Image Placeholders:1.2.0","description":"Performance plugin from the WordPress Performance Team, which determines and stores the dominant color for newly uploaded images in the media library, then uses that as a placeholder background during front end image loads.","website":"https://wordpress.org/plugins/dominant-color-images/","common_platform_enumeration":"","icon":"dominant-color-images.svg","categories":["WordPress plugins","Performance"]},{"name":"Performance Lab:4.0.0","description":"Performance plugin from the WordPress Performance Team, which is a collection of standalone performance modules.","website":"https://wordpress.org/plugins/performance-lab/","common_platform_enumeration":"","icon":"Performance Lab.svg","categories":["WordPress plugins","Performance"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Enhanced Responsive Images:1.7.0","description":"Performance plugin from the WordPress Performance Team, which improves image sizes attribute accuracy and implements the HTML spec for adding sizes='auto' to lazy loaded images.","website":"https://wordpress.org/plugins/auto-sizes/","common_platform_enumeration":"","icon":"enhanced-image-sizes.svg","categories":["WordPress plugins","Performance"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Performant Translations:1.2.0","description":"Performance plugin from the WordPress Performance Team, which makes internationalization/localization in WordPress faster than ever before.","website":"https://wordpress.org/plugins/performant-translations/","common_platform_enumeration":"","icon":"performant-translations.svg","categories":["WordPress plugins","Performance"]},{"name":"Image Prioritizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes the loading of images which are the LCP (Largest Contentful Paint) element, including both img elements and elements with CSS background images.","website":"https://wordpress.org/plugins/image-prioritizer/","common_platform_enumeration":"","icon":"image-prioritizer.svg","categories":["WordPress plugins","Performance"]},{"name":"Optimization Detective:1.0.0","description":"Performance plugin from the WordPress Performance Team, which captures real user metrics about what elements are displayed on the page across a variety of device form factors (e.g. desktop, tablet, and phone) in order to apply loading optimizations.","website":"https://wordpress.org/plugins/optimization-detective/","common_platform_enumeration":"","icon":"optimization-detective.svg","categories":["WordPress plugins","Performance"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Speculative Loading:1.6.0","description":"Performance plugin from the WordPress Performance Team, which adds support for the Speculation Rules API, by which certain URLs are dynamically prefetched or prerendered based on user interaction.","website":"https://wordpress.org/plugins/speculation-rules/","common_platform_enumeration":"","icon":"speculation-rules.svg","categories":["WordPress plugins","Performance"]},{"name":"Web Worker Offloading:0.2.0","description":"Performance plugin from the WordPress Performance Team, which offloads JavaScript execution to a Web Worker, improving performance by freeing up the main thread.","website":"https://wordpress.org/plugins/web-worker-offloading/","common_platform_enumeration":"","icon":"web-worker-offloading.svg","categories":["WordPress plugins","Performance"]},{"name":"Embed Optimizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes embeds by lazy loading them only as they come into view.","website":"https://wordpress.org/plugins/embed-optimizer/","common_platform_enumeration":"","icon":"embed-optimizer.svg","categories":["WordPress plugins","Performance"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":61212,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"819550bf582efaf64f3eaf2ee5e62b7f","sha1":"f323632642d9ed857800bd4f475155017e5b2635","sha256":"aa7e52966a6d6e46afb8863f6a2ea3cf565b51de01476bd536ef673ec961f2a3","sha512":"cf6c1bc0d083607bc10ba07620b0dcbcb64a05d2e826d6936a3c491f2a6368657369d74d66e0f0ed6b9150d52a48698a052909a9bb1dee88cba9e6b04552da2b","ssdeep":"1536:ulypHQzbeSJStwnoDzFhOeqt1N7AfMevM1TPwC1d6jILt:ug9pSJStwnoD3OeQ1N8fR8TPwCmIx","tlshash":"695397b1d48d547b031b57e54530b72df2935a3bcf225a62b3f993a8c748fa684a310e","first_seen":"2025-12-24T21:58:52.187024Z","last_seen":"2025-12-24T21:58:52.187024Z","times_seen":1,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/remixicon-4.5.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:32.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/remixicon-4.5.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:32 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-1f79e\"\r\nexpires: Thu, 25 Dec 2025 09:58:32 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":128926,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65345)","md5":"cbb4de68302eb819a31e88b9ba841145","sha1":"8c4ded6c5a64fc3afbd0d3c7bc2bcbb03309ae7a","sha256":"cfe789bede6ffea11f81d969f872950c1ef17a48ffde37edcd1c852d904695d9","sha512":"f5a6ec4098a6469f622ad09f5c6180a7d735ac851959718d2122b9cb9ade3695779a7d027f920935a22f9436a35878bcb90b3969cb84cc97da64d87464610d83","ssdeep":"1536:Zpc+QAP3ILxAjujj/mZjblpU0UvDfFawWgUipUwRET5yZ03fIJsP322H3a37VMr6:ZT3uxx/KPbdwRDnK5u","tlshash":"9dc305fde24d44d13732c886eb75b78a60e9fabad5815c55f81b500daec36a102c4ebc","first_seen":"2025-10-01T09:16:29.300085Z","last_seen":"2026-04-02T19:56:53.393581Z","times_seen":9,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/remixicon-4.5.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:16.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/remixicon-4.5.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:17 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-1f79e\"\r\nexpires: Thu, 25 Dec 2025 09:58:17 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":128926,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65345)","md5":"cbb4de68302eb819a31e88b9ba841145","sha1":"8c4ded6c5a64fc3afbd0d3c7bc2bcbb03309ae7a","sha256":"cfe789bede6ffea11f81d969f872950c1ef17a48ffde37edcd1c852d904695d9","sha512":"f5a6ec4098a6469f622ad09f5c6180a7d735ac851959718d2122b9cb9ade3695779a7d027f920935a22f9436a35878bcb90b3969cb84cc97da64d87464610d83","ssdeep":"1536:Zpc+QAP3ILxAjujj/mZjblpU0UvDfFawWgUipUwRET5yZ03fIJsP322H3a37VMr6:ZT3uxx/KPbdwRDnK5u","tlshash":"9dc305fde24d44d13732c886eb75b78a60e9fabad5815c55f81b500daec36a102c4ebc","first_seen":"2025-10-01T09:16:29.300085Z","last_seen":"2026-04-02T19:56:53.393581Z","times_seen":9,"resource_available":false,"data":null}},"time_used":2236,"timings":{"blocked":870,"dns":383,"connect":243,"send":0,"wait":487,"receive":0,"ssl":248},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/uploads/2025/07/svg_text_example-1.png","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:16.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/uploads/2025/07/svg_text_example-1.png HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:17 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4044\r\nlast-modified: Mon, 03 Nov 2025 02:33:37 GMT\r\netag: \"69081481-fcc\"\r\nexpires: Thu, 24 Dec 2026 21:58:17 GMT\r\nvary: Accept\r\ncache-control: max-age=31536000, private\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4044,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a7f36d7e6fe4b37b9644beb4a6d58a90","sha1":"d4bb583da6b28a0f6bc70be526872416a4ed4acc","sha256":"25392e261de2f11d4f4edd9d5db14f28bd819c09052eceab1fddb0c0f97451fd","sha512":"241ae9883b38200d5e8c1ab7ef5f47dc2d68265db9838450c5a53f16d623ded2f83659d15c1687ab4a1ace9030f2ec2055c1f8f3fcc6601ae3b7e95ccce2caa7","ssdeep":"","tlshash":"68818f5221611f73cf4cd22a578013f79b06d6bc35e62eaab3a031d78186638b4b47c5","first_seen":"2025-10-29T13:50:29.29232Z","last_seen":"2026-03-22T11:49:55.680452Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1360,"timings":{"blocked":869,"dns":0,"connect":0,"send":0,"wait":490,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/remixicon.woff2?t=1730118419915","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/remixicon.woff2?t=1730118419915 HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 174156\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-2a84c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19595,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 174156, version 1.0","md5":"cac5b61207e4de6c906f58f4b96aedb1","sha1":"9af6ecbf6d9a0e8141dd28a06f109d0ff073a67c","sha256":"350d8c9532b75aa862f4e706a6874e6b1b329f50e5a70dbb0f9f008098f0592c","sha512":"a46d25533a91d434091ce8deae669b3f7bdcfc300bc7197cc2ca867e1faee0463ac594065a9fa623bc45a6588b843753712c0b45e205c4fb7c5b85acf6f58bfb","ssdeep":"384:+2J67NAEVX9Ghwzg+8/PqzQ49ifVeMEWqSMz:+2JmNAq9ZU/PqzQ4cfiWqSY","tlshash":"4192cf32cb64d1dfd5413a72b862e6a011301d568307ba8d182b9b1c9f3b189bded6a6","first_seen":"2025-12-24T21:58:52.188552Z","last_seen":"2025-12-24T21:58:52.188552Z","times_seen":1,"resource_available":false,"data":null}},"time_used":642,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":436,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T21:58:27.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: multipart/form-data; boundary=---------------------------19856679226711816572980232238\r\nContent-Length: 174\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613505; HMACCOUNT=B41F89B426AA4740\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":174,"data":"-----------------------------19856679226711816572980232238\r\nContent-Disposition: form-data; name=\"field_2\"\r\n\r\n\r\n-----------------------------19856679226711816572980232238--\r\n"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 24 Dec 2025 21:58:27 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nserver-timing: wp-before-template;dur=141.18, cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=2,cfOrigin;dur=561, cfExtPri\r\nstrict-transport-security: max-age=31536000\r\npriority: u=1,i=?0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zi0jI2cTyJj8Ifdski0BBOeY56zNpL79Aiy4grMZQaCnqJcVOjpJPw8bZ8dV1vhmmNT48Sp%2F2xrsxG0HI5J5wNnEVZwvv%2F1M1H%2FbgtThtBOQ0MRmsw%3D%3D\"}]}\r\ncf-ray: 9b335c33efa65ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Speculative Loading:1.6.0","description":"Performance plugin from the WordPress Performance Team, which adds support for the Speculation Rules API, by which certain URLs are dynamically prefetched or prerendered based on user interaction.","website":"https://wordpress.org/plugins/speculation-rules/","common_platform_enumeration":"","icon":"speculation-rules.svg","categories":["WordPress plugins","Performance"]},{"name":"Image Prioritizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes the loading of images which are the LCP (Largest Contentful Paint) element, including both img elements and elements with CSS background images.","website":"https://wordpress.org/plugins/image-prioritizer/","common_platform_enumeration":"","icon":"image-prioritizer.svg","categories":["WordPress plugins","Performance"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Enhanced Responsive Images:1.7.0","description":"Performance plugin from the WordPress Performance Team, which improves image sizes attribute accuracy and implements the HTML spec for adding sizes='auto' to lazy loaded images.","website":"https://wordpress.org/plugins/auto-sizes/","common_platform_enumeration":"","icon":"enhanced-image-sizes.svg","categories":["WordPress plugins","Performance"]},{"name":"Embed Optimizer:1.0.0","description":"Performance plugin from the WordPress Performance Team, which optimizes embeds by lazy loading them only as they come into view.","website":"https://wordpress.org/plugins/embed-optimizer/","common_platform_enumeration":"","icon":"embed-optimizer.svg","categories":["WordPress plugins","Performance"]},{"name":"Optimization Detective:1.0.0","description":"Performance plugin from the WordPress Performance Team, which captures real user metrics about what elements are displayed on the page across a variety of device form factors (e.g. desktop, tablet, and phone) in order to apply loading optimizations.","website":"https://wordpress.org/plugins/optimization-detective/","common_platform_enumeration":"","icon":"optimization-detective.svg","categories":["WordPress plugins","Performance"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Performance Lab:4.0.0","description":"Performance plugin from the WordPress Performance Team, which is a collection of standalone performance modules.","website":"https://wordpress.org/plugins/performance-lab/","common_platform_enumeration":"","icon":"Performance Lab.svg","categories":["WordPress plugins","Performance"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Web Worker Offloading:0.2.0","description":"Performance plugin from the WordPress Performance Team, which offloads JavaScript execution to a Web Worker, improving performance by freeing up the main thread.","website":"https://wordpress.org/plugins/web-worker-offloading/","common_platform_enumeration":"","icon":"web-worker-offloading.svg","categories":["WordPress plugins","Performance"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Image Placeholders:1.2.0","description":"Performance plugin from the WordPress Performance Team, which determines and stores the dominant color for newly uploaded images in the media library, then uses that as a placeholder background during front end image loads.","website":"https://wordpress.org/plugins/dominant-color-images/","common_platform_enumeration":"","icon":"dominant-color-images.svg","categories":["WordPress plugins","Performance"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Performant Translations:1.2.0","description":"Performance plugin from the WordPress Performance Team, which makes internationalization/localization in WordPress faster than ever before.","website":"https://wordpress.org/plugins/performant-translations/","common_platform_enumeration":"","icon":"performant-translations.svg","categories":["WordPress plugins","Performance"]}],"data":{"size":61212,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832), with CRLF, LF line terminators","md5":"38e351e5171a1ea8df55bdfb3e11c495","sha1":"c8fde919dc5c83eb356f71e2e78de8e6c20e8d5b","sha256":"9c9b247a3bf72871bad404203f7db9c48075eb1ae0290396f6c82bfed704fea4","sha512":"cc04247208667c64ed1d5c8dab202f9d50bf71e5be439c85c546b039b48b93741a7be7928f15147f0c6e410aa59fa05a1cfa99fffae7d7b906de4f7efb65a281","ssdeep":"1536:uvypHoQemJStwnoDzFhOeqt1N7Afcev61lNaQ1dojqvt:u69+mJStwnoD3OeQ1N8fBKlNa8kq1","tlshash":"1f5387b1d48d517a031b57e54530772df2935a3bcf229a62b3fa93acc748f9684a310e","first_seen":"2025-12-24T21:58:52.190016Z","last_seen":"2025-12-24T21:58:52.190016Z","times_seen":1,"resource_available":false,"data":null}},"time_used":572,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":571,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=522069B2C416022F\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2610%2C2609\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=1125181564\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52045\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:29.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=522069B2C416022F\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026ep=2610%2C2609\u0026et=3\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026lt=1766613501\u0026rnd=1125181564\u0026si=c55c6aaaf65f2014092bf25971daef13\u0026su=https%3A%2F%2Fpromarkia.tchepai.com%2F\u0026v=1.3.2\u0026lv=2\u0026sn=52045\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fpromarkia.tchepai.com%2F HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 24 Dec 2025 21:58:29 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=A162D9E8347E7311; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-06T10:13:20.046125Z","times_seen":328563,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":319,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/rum?","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:31.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 536\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613509; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":536,"data":"{\"referrer\":\"https://promarkia.tchepai.com/\",\"eventType\":3,\"versions\":{\"js\":\"2024.6.1\",\"fl\":\"2024.11.0\"},\"pageloadId\":\"22520d34-75f1-4aad-8ad4-e944b2722042\",\"location\":\"https://promarkia.tchepai.com/\",\"landingPath\":\"/\",\"startTime\":1766613507175,\"nt\":\"navigate\",\"siteToken\":\"92deb57dede945b8a4cf3d9a4d6c7549\",\"lcp\":{\"value\":-1},\"fid\":{\"value\":-1},\"cls\":{\"value\":-1},\"fcp\":{\"value\":950,\"path\":\"/\"},\"ttfb\":{\"value\":579,\"path\":\"/\"},\"inp\":{\"value\":-1},\"timingsV2\":{\"nextHopProtocol\":\"h3\",\"transferSize\":14799,\"decodedBodySize\":61212},\"st\":1}"}},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://promarkia.tchepai.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nmzxXT3S9nXRXmR64TDwrEDFMyJpydUuHECTWRVVTMWPvZ58F8FDSYVOppq3zxrt4n6SWVYMVJh8TGg2cw%2Bh71G9uPUHEfKCm6axzN9JLZbVV%2B11rA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Wed, 24 Dec 2025 21:58:31 GMT\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\ncf-ray: 9b335c51ebd85ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/fonts/socicon.ttf","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:18.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/fonts/socicon.ttf HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aigcsoft.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:18 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 100120\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\netag: \"6936617e-18718\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16209,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\"","md5":"32eb61f4ac815f9eb9dc0a24c954ce06","sha1":"b92816b40b1e64e00d0897d5f5cac7323df2f7d3","sha256":"41d9662b59f0de5ef0c613f569bf21cb710ab13de227f4e05c5ba3b0ebb2e0bc","sha512":"ffa93630ee131b583c44ab7ee20122c86cc3d7ecc8522e0927b9f25891c388be5109f44a41e1ec9e9725f9e38afb2c830b77805d942296ecddf40c0e5fe1bde6","ssdeep":"192:SlCEnJ4YsvV2izyKzvwIdyU70kFwgDt52OIhwjVysCgxbKbxR+hOHlKJwdsK0Piq:SlPJ892+yKzNdr70kag5FbVbLcVAfKaj","tlshash":"7c72c60b276aeb1e906651e34c02a4138dc7e301833be6a6d3dede4861155f49c7dafe","first_seen":"2025-12-20T07:28:33.050376Z","last_seen":"2025-12-24T21:58:52.157174Z","times_seen":2,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":508,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?c55c6aaaf65f2014092bf25971daef13","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:19.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?c55c6aaaf65f2014092bf25971daef13 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11293\r\nContent-Type: application/javascript\r\nDate: Wed, 24 Dec 2025 21:58:20 GMT\r\nEtag: 3381c860f9afc5d7966a876b5efa47d5\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=B41F89B426AA4740; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29899,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (623)","md5":"17f232c927dff1763b40086d13dffcb7","sha1":"dded94b899e7319b3b0a87671bb2b5fe6fd2d000","sha256":"b1adce80a8a172fd2acf9943a5261856306a5440d1e83a21167e672707fa1925","sha512":"f443344e85abd9098828a41ea45da55de854ab9e0e3bd5531ead31d972f8c6528d6519fbdef5f21dc10f1289867b1e348a00667b19beb8b489ad2acea58670e4","ssdeep":"384:hFJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:hF4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"c6d2d9e9b282713293a324a5153f324af17b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-12-24T21:58:52.191713Z","last_seen":"2025-12-24T21:58:52.191713Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2388,"timings":{"blocked":1026,"dns":271,"connect":253,"send":0,"wait":323,"receive":1,"ssl":511},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promarkia.tchepai.com/cdn-cgi/rum?","fqdn":"promarkia.tchepai.com","domain":"tchepai.com","tld":"com"},"ip":{"addr":"104.21.77.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:22.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tchepai.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Nov 2025 23:29:40 GMT","end":"Wed, 11 Feb 2026 00:28:09 GMT"},"fingerprint":{"sha1":"8B:3C:69:E0:C4:98:BD:A9:96:0D:82:95:06:D9:95:D6:53:61:B2:EB","sha256":"41:CF:0C:C6:86:69:7A:85:04:32:9B:03:B2:BA:24:26:DE:DC:93:7E:5B:88:0F:D3:DC:8F:FC:0F:3D:06:AB:40"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: promarkia.tchepai.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 508\r\nOrigin: https://promarkia.tchepai.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nCookie: Hm_lvt_c55c6aaaf65f2014092bf25971daef13=1766613501; Hm_lpvt_c55c6aaaf65f2014092bf25971daef13=1766613501; HMACCOUNT=B41F89B426AA4740\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":508,"data":"{\"referrer\":\"\",\"eventType\":3,\"versions\":{\"js\":\"2024.6.1\",\"fl\":\"2024.11.0\"},\"pageloadId\":\"ffdfc42e-39f9-4797-a707-270ff16fcc90\",\"location\":\"https://promarkia.tchepai.com/\",\"landingPath\":\"/\",\"startTime\":1766613495197,\"nt\":\"navigate\",\"siteToken\":\"92deb57dede945b8a4cf3d9a4d6c7549\",\"lcp\":{\"value\":-1},\"fid\":{\"value\":-1},\"cls\":{\"value\":-1},\"fcp\":{\"value\":3034,\"path\":\"/\"},\"ttfb\":{\"value\":1115,\"path\":\"/\"},\"inp\":{\"value\":-1},\"timingsV2\":{\"nextHopProtocol\":\"h2\",\"transferSize\":14771,\"decodedBodySize\":61212},\"st\":1}"}},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://promarkia.tchepai.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n48N%2FGkghXx5YvMllhzPzWHiCppyysCVglv%2FLYKVYQ0voor3SCwG9YjTRMI1dOGLRm7AS0pPu6aQ%2BqLHgZZeNFlNsVaEmYGHagHCbI4qcf9Uv1gVrA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Wed, 24 Dec 2025 21:58:22 GMT\r\npriority: u=6,i=?0\r\nserver: cloudflare\r\ncf-ray: 9b335c19adc75ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"promarkia.tchepai.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aigcsoft.site/wp-content/themes/NavXia/static/css/remixicon-4.5.css","fqdn":"aigcsoft.site","domain":"aigcsoft.site","tld":"site"},"ip":{"addr":"154.94.227.18","port":443,"asn":35916,"as":"MULTA-ASN1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://promarkia.tchepai.com/","date":"2025-12-24T21:58:27.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aigcsoft.site","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Oct 2025 15:28:12 GMT","end":"Sat, 17 Jan 2026 15:28:11 GMT"},"fingerprint":{"sha1":"AD:F1:D7:09:4E:45:AC:48:02:00:BF:38:2B:BA:15:0E:16:5C:7E:51","sha256":"31:1A:98:A5:CA:C6:1C:C9:C9:9E:13:8F:3D:13:12:A1:78:C8:0B:99:0E:8D:38:96:9A:41:FE:83:6E:CE:08:87"}}},"request":{"raw":"GET /wp-content/themes/NavXia/static/css/remixicon-4.5.css HTTP/1.1\r\nHost: aigcsoft.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promarkia.tchepai.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 24 Dec 2025 21:58:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 08 Dec 2025 05:26:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6936617e-1f79e\"\r\nexpires: Thu, 25 Dec 2025 09:58:27 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":128926,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65345)","md5":"cbb4de68302eb819a31e88b9ba841145","sha1":"8c4ded6c5a64fc3afbd0d3c7bc2bcbb03309ae7a","sha256":"cfe789bede6ffea11f81d969f872950c1ef17a48ffde37edcd1c852d904695d9","sha512":"f5a6ec4098a6469f622ad09f5c6180a7d735ac851959718d2122b9cb9ade3695779a7d027f920935a22f9436a35878bcb90b3969cb84cc97da64d87464610d83","ssdeep":"1536:Zpc+QAP3ILxAjujj/mZjblpU0UvDfFawWgUipUwRET5yZ03fIJsP322H3a37VMr6:ZT3uxx/KPbdwRDnK5u","tlshash":"9dc305fde24d44d13732c886eb75b78a60e9fabad5815c55f81b500daec36a102c4ebc","first_seen":"2025-10-01T09:16:29.300085Z","last_seen":"2026-04-02T19:56:53.393581Z","times_seen":9,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}