| jkz168.com/ | 23.225.23.85 | | 894 B |
IP: 23.225.23.85:0
Hashes (MD5, SHA-1, SHA-256): e7139f5240ac1224bbe07fa1959d9642 b19af72790bfb14354b90d8f79de384dc40d9ab9 e3b9865d88335b1265bc1a18fd3bbcdc14342d062babad82a48b47436d5146a2

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET / HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 894
Pragma: no-cache
Cache-control: no-store
| | 23.225.23.85 | | 12 kB |
IP: 23.225.23.85:0
File type: gzip compressed data, from Unix
Hashes (MD5, SHA-1, SHA-256): 8e3d32deaa066be90ed870b9156e5e44 28f9c99261f7b54606616d1d0f36b33679265197 d2854da47fc5c9ae179983bef9b2b71e6d46fe65edbb903a3e66032b67cf0b5b

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /?fizyvg=l0a5u HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://jkz168.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Location: /?fizyvg=l0a5u
Connection: Close
| jkz168.com/static/css/honeySwitch.css | 23.225.23.85 | 200 OK | 457 B |
URL: GET HTTP/1.1 jkz168.com/static/css/honeySwitch.css
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: ASCII text, with CRLF line terminators
Hashes (MD5, SHA-1, SHA-256): 85dac7eb8a5aa0b338b7b8260e099e18 5d968f5c3237f3d444a791a956bdef61d1955c10 9e96df6f78cc7b662a2884a318e9ca9460f209eaad1872f93970f13c4226a03a

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/css/honeySwitch.css HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:27 GMT
Content-Type: text/css
Last-Modified: Sat, 30 May 2020 14:20:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ed26bbe-488"
Content-Encoding: gzip
| jkz168.com/static/css/style.css | 23.225.23.85 | 200 OK | 5.6 kB |
URL: GET HTTP/1.1 jkz168.com/static/css/style.css
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: assembler source, ASCII text
Hashes (MD5, SHA-1, SHA-256): 0fb7dc8b8bd99d05febeb771e9718d34 bc360e451617960f691bce204f4fe20279c1560c f0dd47f7182e58ed49484a22d592d50dad101cc4fc934958a724a443d1295fd0

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/css/style.css HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:27 GMT
Content-Type: text/css
Last-Modified: Mon, 19 Feb 2024 16:23:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65d38080-64dc"
Content-Encoding: gzip
| js.users.51.la/21722297.js | 47.246.44.241 | 200 OK | 4.9 kB |
URL: GET HTTP/1.1 js.users.51.la/21722297.js
IP: 47.246.44.241:80
ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: JavaScript source, ASCII text, with very long lines (4898), with no line terminators
Hashes (MD5, SHA-1, SHA-256): e94d082064468a80a9c0e724644f1ad9 75c72362923088ac8df1f11d0f3d1d20fb6ed6a0 250a2e4cf20a7c1dddbfd1446ee3283c9bf364069a43efeec19181ffecd8bdc2

GET /21722297.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 24 Apr 2024 23:01:28 GMT
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Ali-Swift-Global-Savetime: 1713999688
Via: cache9.l2de2[148,148,200-0,M], cache19.l2de2[149,0], ens-cache11.se2[179,178,200-0,M], ens-cache4.se2[180,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 24 Apr 2024 23:01:28 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9817139996880718618e
| jkz168.com/static/js/jquery.eraser.js | 23.225.23.85 | 200 OK | 3.7 kB |
URL: GET HTTP/1.1 jkz168.com/static/js/jquery.eraser.js
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: JavaScript source, ASCII text
Hashes (MD5, SHA-1, SHA-256): 3b9e6150cba0dc506bda38b2a3716a54 522026315dbd7a14c038dafda636d4796e4902b0 53a4aa49969f0db5e5439a7fea86848c806b29bd20228d5115174003c61c1f7c

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/js/jquery.eraser.js HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:28 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Dec 2020 16:38:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fe22110-3236"
Content-Encoding: gzip
| jkz168.com/static/js/mi.js | 23.225.23.85 | 200 OK | 311 B |
URL: GET HTTP/1.1 jkz168.com/static/js/mi.js
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: JavaScript source, ASCII text
Hashes (MD5, SHA-1, SHA-256): 166442bf13ef677af6f7c31d8717ee7c cd4f9a539e4b697561a8784ff8b93e5e7d76afd7 8086eeb0abd8588f23d961bf2b215cf5bb56851f47d5e44eb34ffb9d095905e8

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/js/mi.js HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:28 GMT
Content-Type: application/javascript
Content-Length: 311
Last-Modified: Sun, 13 Aug 2023 01:53:22 GMT
Connection: keep-alive
ETag: "64d83792-137"
Accept-Ranges: bytes
| jkz168.com/static/js/main.js | 23.225.23.85 | 200 OK | 3.8 kB |
URL: GET HTTP/1.1 jkz168.com/static/js/main.js
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (736)
Hashes (MD5, SHA-1, SHA-256): 4aa0fe6b08096ae527b7a59d1599b542 db99a6d877bfed399a972894be0883eff0b2e30d f637f494264d3185b75f790465d2987e5a65d3a4cb6789593175a080a4ee5c2e

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/js/main.js HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:28 GMT
Content-Type: application/javascript
Last-Modified: Wed, 27 Dec 2023 13:16:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"658c239e-3480"
Content-Encoding: gzip
| jkz168.com/static/js/ball.js | 23.225.23.85 | 200 OK | 785 B |
URL: GET HTTP/1.1 jkz168.com/static/js/ball.js
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
Hashes (MD5, SHA-1, SHA-256): a1c4a6749985dd0c68c79e518bc36046 666bc6238b4ba007f60e7d7f53341d48beb1f0d8 4f0fafc4dfdf1ad8fec338770ab1a3fc27f171508d663d1bdffe803b80960c2e

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/js/ball.js HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:28 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Dec 2022 01:59:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639fc59a-8fa"
Content-Encoding: gzip
| jkz168.com/static/js/jquery.cookie.js | 23.225.23.85 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 jkz168.com/static/js/jquery.cookie.js
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: JavaScript source, ASCII text, with CRLF line terminators
Hashes (MD5, SHA-1, SHA-256): 185607df1287788a379739a0fbf95fae e3e4af801a9065a63a2a231f00dbae344ed0af68 96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/js/jquery.cookie.js HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:28 GMT
Content-Type: application/javascript
Last-Modified: Wed, 06 Jul 2022 11:37:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c573f4-cb4"
Content-Encoding: gzip
| meihutj.shangshangqian.cc/aj/33268664312664064.js | 103.216.152.88 | 200 OK | 162 B |
URL: GET HTTP/2 meihutj.shangshangqian.cc/aj/33268664312664064.js
IP: 103.216.152.88:443
ASN: #137697 CHINATELECOM JiangSu YangZhou IDC network (descr: YangZhou Jiangsu Province, P.R.China.)
Requested by: http://jkz168.com/?fizyvg=l0a5u
Certificate: Issuer: Let's Encrypt; Subject: meihutj.shangshangqian.cc; Fingerprint: BD:4E:0E:15:1C:A0:40:DD:A4:9E:C8:47:2E:5A:22:D1:C8:85:5E:8B; Validity: Wed, 03 Apr 2024 15:11:20 GMT - Tue, 02 Jul 2024 15:11:19 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hashes (MD5, SHA-1, SHA-256): 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

GET /aj/33268664312664064.js HTTP/1.1
Host: meihutj.shangshangqian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 24 Apr 2024 23:00:23 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://meihutj.shangshangqian.cc/aj/33268664312664064.js
Strict-Transport-Security: max-age=31536000
| jkz168.com/static/js/honeySwitch.js | 23.225.23.85 | 200 OK | 782 B |
URL: GET HTTP/1.1 jkz168.com/static/js/honeySwitch.js
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: JavaScript source, ASCII text, with CRLF line terminators
Hashes (MD5, SHA-1, SHA-256): b1a9c6f6152e61e692c73e5d88f1fa05 37dc22484b787bd28856ee24f71ce460b5fd4b51 1d216202437aa1a97a6215e2dcaaffd0f969bd1cad5c2af0878d735157ca4c43

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/js/honeySwitch.js HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:28 GMT
Content-Type: application/javascript
Last-Modified: Sat, 30 May 2020 14:20:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ed26bc6-c31"
Content-Encoding: gzip
| jkz168.com/static/js/jquery-3.4.1.min.js | 23.225.23.85 | 200 OK | 34 kB |
URL: GET HTTP/1.1 jkz168.com/static/js/jquery-3.4.1.min.js
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: JavaScript source, ASCII text, with very long lines (65451)
Hashes (MD5, SHA-1, SHA-256): 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/js/jquery-3.4.1.min.js HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:28 GMT
Content-Type: application/javascript
Last-Modified: Mon, 23 Dec 2019 14:28:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e00cf1e-15851"
Content-Encoding: gzip
| jkz168.com/static/img/set.svg | 23.225.23.85 | 200 OK | 2.6 kB |
URL: GET HTTP/1.1 jkz168.com/static/img/set.svg
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): 51426607cedc6b980deb0005c6983386 0c0d2b9d2cb3fd78b1cd2042894d44494728b175 ac3d9140a965adba1b9abb29eb78c70d104d29c4cb0147f172e9b530998e1034

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/img/set.svg HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:29 GMT
Content-Type: image/svg+xml
Content-Length: 2600
Last-Modified: Sat, 30 May 2020 14:23:00 GMT
Connection: keep-alive
ETag: "5ed26c44-a28"
Accept-Ranges: bytes
| jkz168.com/static/img/clock.jpg | 23.225.23.85 | 200 OK | 2.4 kB |
URL: GET HTTP/1.1 jkz168.com/static/img/clock.jpg
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 37x39, components 3
Hashes (MD5, SHA-1, SHA-256): ec72d33dd7d8103a00c389eba4361c8f c71d47c30a5228a1c1a12da271d5511f53314b56 392dfc9c04a73affc77e55a872c0fc089c352abfe840b6dcf0f2858a4b824aa8

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/img/clock.jpg HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:29 GMT
Content-Type: image/jpeg
Content-Length: 2416
Last-Modified: Mon, 23 Dec 2019 14:28:46 GMT
Connection: keep-alive
ETag: "5e00cf1e-970"
Accept-Ranges: bytes
| jkz168.com/static/img/loading.gif | 23.225.23.85 | 200 OK | 441 B |
URL: GET HTTP/1.1 jkz168.com/static/img/loading.gif
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: GIF image data, version 89a, 16 x 16
Hashes (MD5, SHA-1, SHA-256): d28574ee913a2e54064d63e88408f815 aa278dbb635d7ff04189cc6d0099a14b18e9b82b 8ebc34d10560d3886427d84d72112a22a14489fea0e8a8a53d33c5de636ec313

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/img/loading.gif HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:29 GMT
Content-Type: image/gif
Content-Length: 441
Last-Modified: Mon, 23 Dec 2019 14:28:46 GMT
Connection: keep-alive
ETag: "5e00cf1e-1b9"
Accept-Ranges: bytes
| meihutj.shangshangqian.cc/aj/33268664312664064.js | 103.216.152.88 | 200 OK | 5.8 kB |
URL: GET HTTP/2 meihutj.shangshangqian.cc/aj/33268664312664064.js
IP: 103.216.152.88:443
ASN: #137697 CHINATELECOM JiangSu YangZhou IDC network (descr: YangZhou Jiangsu Province, P.R.China.)
Requested by: http://jkz168.com/?fizyvg=l0a5u
Certificate: Issuer: Let's Encrypt; Subject: meihutj.shangshangqian.cc; Fingerprint: BD:4E:0E:15:1C:A0:40:DD:A4:9E:C8:47:2E:5A:22:D1:C8:85:5E:8B; Validity: Wed, 03 Apr 2024 15:11:20 GMT - Tue, 02 Jul 2024 15:11:19 GMT
File type: JavaScript source, ASCII text, with very long lines (5664), with CRLF line terminators
Hashes (MD5, SHA-1, SHA-256): 01931306f867a9eda00270ca3d3dfaf9 f643d224364688227d9501b30acf371d5c4a293f 8aa792e0d79d07d70a207a252ec7b046b376254d388ff9069a4fed663eb3a416

GET /aj/33268664312664064.js HTTP/1.1
Host: meihutj.shangshangqian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 23:00:23 GMT
expires: Wed, 24 Apr 2024 23:01:23 GMT
cache-control: max-age=60
x-cache: MISS
X-Firefox-Spdy: h2
| ia.51.la/go1?id=21722297&rt=1713999688731&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25B0%258F%25E7%2599%25BD%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E3%2580%2590jkz168.com%25E3%2580%2591%25E4%25B8%2593%25E4%25B8%259A%25E6%258F%2590%25E4%25BE%259B%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E3%2580%2581%25E5%25B9%25B8%25E8%25BF%25902&ing=1&ekc=&sid=1713999688731&tt=%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E9%25A2%2584%25E6%25B5%258B%2520%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E5%259C%25A8%25E7%25BA%25BF%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%2520%25E6%259E%2581%25E8%2587%25B4%25E7%2581%25AB%25E7%2583%25AD%25E4%25BC%2598%25E8%25B4%25A8%25E7%259A%2584%25E5%2585%258D%25E8%25B4%25B9%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E7%25AB%2599-%25E5%25B0%258F%25E7%2599%25BD%25E5%25A4%25A7%25E7%25A5%259E28%25E9%25A2%2584%25E6%25B5%258B&kw=%25E5%25B9%25B8%25E8%25BF%2590%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A7%25E9%25A2%2584%25E6%25B5%258B%252C%25E9%25A2%2584%25E6%25B5%258B%252Cpc%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258C%2597%25E4%25BA%25AC%252C%25E8%25B5%25B0%25E5%258A%25BF%252C%25E7%25BB%2593%25E6%259E%259C%252C%25E7%25BB%2584%25E5%2590%2588&cu=http%253A%252F%252Fjkz168.com%252F%253Ffizyvg%253Dl0a5u&pu=http%253A%252F%252Fjkz168.com%252F | 203.107.86.226 | 200 | 0 B |
URL GET HTTP/1.1ia.51.la/go1?id=21722297&rt=1713999688731&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25B0%258F%25E7%2599%25BD%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E3%2580%2590jkz168.com%25E3%2580%2591%25E4%25B8%2593%25E4%25B8%259A%25E6%258F%2590%25E4%25BE%259B%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E3%2580%2581%25E5%25B9%25B8%25E8%25BF%25902&ing=1&ekc=&sid=1713999688731&tt=%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E9%25A2%2584%25E6%25B5%258B%2520%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E5%259C%25A8%25E7%25BA%25BF%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%2520%25E6%259E%2581%25E8%2587%25B4%25E7%2581%25AB%25E7%2583%25AD%25E4%25BC%2598%25E8%25B4%25A8%25E7%259A%2584%25E5%2585%258D%25E8%25B4%25B9%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E7%25AB%2599-%25E5%25B0%258F%25E7%2599%25BD%25E5%25A4%25A7%25E7%25A5%259E28%25E9%25A2%2584%25E6%25B5%258B&kw=%25E5%25B9%25B8%25E8%25BF%2590%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A7%25E9%25A2%2584%25E6%25B5%258B%252C%25E9%25A2%2584%25E6%25B5%258B%252Cpc%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258C%2597%25E4%25BA%25AC%252C%25E8%25B5%25B0%25E5%258A%25BF%252C%25E7%25BB%2593%25E6%259E%259C%252C%25E7%25BB%2584%25E5%2590%2588&cu=http%253A%252F%252Fjkz168.com%252F%253Ffizyvg%253Dl0a5u&pu=http%253A%252F%252Fjkz168.com%252F IP203.107.86.226:80 ASN#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by: http://jkz168.com/?fizyvg=l0a5u
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21722297&rt=1713999688731&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25B0%258F%25E7%2599%25BD%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E3%2580%2590jkz168.com%25E3%2580%2591%25E4%25B8%2593%25E4%25B8%259A%25E6%258F%2590%25E4%25BE%259B%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E3%2580%2581%25E5%25B9%25B8%25E8%25BF%25902&ing=1&ekc=&sid=1713999688731&tt=%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E9%25A2%2584%25E6%25B5%258B%2520%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E5%259C%25A8%25E7%25BA%25BF%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%2520%25E6%259E%2581%25E8%2587%25B4%25E7%2581%25AB%25E7%2583%25AD%25E4%25BC%2598%25E8%25B4%25A8%25E7%259A%2584%25E5%2585%258D%25E8%25B4%25B9%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E7%25AB%2599-%25E5%25B0%258F%25E7%2599%25BD%25E5%25A4%25A7%25E7%25A5%259E28%25E9%25A2%2584%25E6%25B5%258B&kw=%25E5%25B9%25B8%25E8%25BF%2590%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A7%25E9%25A2%2584%25E6%25B5%258B%252C%25E9%25A2%2584%25E6%25B5%258B%252Cpc%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258C%2597%25E4%25BA%25AC%252C%25E8%25B5%25B0%25E5%258A%25BF%252C%25E7%25BB%2593%25E6%259E%259C%252C%25E7%25BB%2584%25E5%2590%2588&cu=http%253A%252F%252Fjkz168.com%252F%253Ffizyvg%253Dl0a5u&pu=http%253A%252F%252Fjkz168.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200
Date: Wed, 24 Apr 2024 23:01:29 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=de2b96372e5d7f613000ab50e500b2cd8994849806bed9c442f2cef3437eb8d0; Path=/; HttpOnly
acw_tc=ac11000117139996894243429eee21c29c0a1357319107d98c81b66b0dd1ec;path=/;HttpOnly;Max-Age=1800
| jkz168.com/data/get/getPageDatas | 23.225.23.85 | 200 OK | 401 B |
URL: GET HTTP/1.1 jkz168.com/data/get/getPageDatas
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: ASCII text, with very long lines (704), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 72a2b3cd532fc41f8d54c09320f8491d 360bac7432843d79516793fe60f37a1436d6e1c5 8f79aa7a7a69d01b8233c9e04921d46664722824564c9da2256fc6570dff2aa5

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /data/get/getPageDatas HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1; __tins__21722297=%7B%22sid%22%3A%201713999688731%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201714001488731%7D; __51cke__=; __51laig__=1; __stins__33268664312664064=%7B%22sid%22%3A%201713999689415%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201714001489415%7D; __stud__33268664312664064=%7B%22val%22%3A%20%228f5a2c54-5970-4510-a66c-7828c87716b3%22%7D; __stsd__33268664312664064=%7B%22val%22%3A%20%2242ecfc81-6f8c-4dae-9d31-444ed8177f92%22%7D; __stcke__=; __stlaig__=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1; path=/
Content-Encoding: gzip
| jkz168.com/static/img/jnd28.svg | 23.225.23.85 | 200 OK | 22 kB |
URL: GET HTTP/1.1 jkz168.com/static/img/jnd28.svg
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): 7ea794f1c7e487e348b02af7dde22563 b42764fe19b0dc489621c78462ed662f158460c4 12d1d67a4d901fd9a316641b3c5f359f50fd7bdadd8522fae5184dffd81069cb

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/img/jnd28.svg HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:29 GMT
Content-Type: image/svg+xml
Content-Length: 22042
Last-Modified: Mon, 13 Apr 2020 12:14:32 GMT
Connection: keep-alive
ETag: "5e9457a8-561a"
Accept-Ranges: bytes
| jkz168.com/static/img/mi/mp-tc.png | 23.225.23.85 | 200 OK | 28 kB |
URL: GET HTTP/1.1 jkz168.com/static/img/mi/mp-tc.png
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: PNG image data, 750 x 300, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): fd8301e3d2f90fa1bf235e46519df60a e18781d9eeccb22562936882c8ee6ac7086a6481 fdca279e2adae0ad47b01b09748feefab2729ef7929658a5c04f656b36844ae8

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /static/img/mi/mp-tc.png HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:29 GMT
Content-Type: image/png
Content-Length: 28186
Last-Modified: Sat, 30 May 2020 17:07:12 GMT
Connection: keep-alive
ETag: "5ed292c0-6e1a"
Accept-Ranges: bytes
| meihutj.shangshangqian.cc/aj/go1?id=33268664312664064&rt=1713999689415&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25B0%258F%25E7%2599%25BD%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E3%2580%2590jkz168.com%25E3%2580%2591%25E4%25B8%2593%25E4%25B8%259A%25E6%258F%2590%25E4%25BE%259B%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E3%2580%2581%25E5%25B9%25B8%25E8%25BF%25902&ing=1&ekc=&sid=1713999689415&tt=%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E9%25A2%2584%25E6%25B5%258B%2520%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E5%259C%25A8%25E7%25BA%25BF%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%2520%25E6%259E%2581%25E8%2587%25B4%25E7%2581%25AB%25E7%2583%25AD%25E4%25BC%2598%25E8%25B4%25A8%25E7%259A%2584%25E5%2585%258D%25E8%25B4%25B9%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E7%25AB%2599-%25E5%25B0%258F%25E7%2599%25BD%25E5%25A4%25A7%25E7%25A5%259E28%25E9%25A2%2584%25E6%25B5%258B&kw=%25E5%25B9%25B8%25E8%25BF%2590%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A7%25E9%25A2%2584%25E6%25B5%258B%252C%25E9%25A2%2584%25E6%25B5%258B%252Cpc%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258C%2597%25E4%25BA%25AC%252C%25E8%25B5%25B0%25E5%258A%25BF%252C%25E7%25BB%2593%25E6%259E%259C%252C%25E7%25BB%2584%25E5%2590%2588&cu=http%253A%252F%252Fjkz168.com%252F%253Ffizyvg%253Dl0a5u&pu=http%253A%252F%252Fjkz168.com%252F&nd=1&ud=8f5a2c54-5970-4510-a66c-7828c87716b3&sd=42ecfc81-6f8c-4dae-9d31-444ed8177f92 | 103.216.152.88 | 200 OK | 139 B |
URL GET HTTP/2meihutj.shangshangqian.cc/aj/go1?id=33268664312664064&rt=1713999689415&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25B0%258F%25E7%2599%25BD%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E3%2580%2590jkz168.com%25E3%2580%2591%25E4%25B8%2593%25E4%25B8%259A%25E6%258F%2590%25E4%25BE%259B%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E3%2580%2581%25E5%25B9%25B8%25E8%25BF%25902&ing=1&ekc=&sid=1713999689415&tt=%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E9%25A2%2584%25E6%25B5%258B%2520%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E5%259C%25A8%25E7%25BA%25BF%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%2520%25E6%259E%2581%25E8%2587%25B4%25E7%2581%25AB%25E7%2583%25AD%25E4%25BC%2598%25E8%25B4%25A8%25E7%259A%2584%25E5%2585%258D%25E8%25B4%25B9%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E7%25AB%2599-%25E5%25B0%258F%25E7%2599%25BD%25E5%25A4%25A7%25E7%25A5%259E28%25E9%25A2%2584%25E6%25B5%258B&kw=%25E5%25B9%25B8%25E8%25BF%2590%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A7%25E9%25A2%2584%25E6%25B5%258B%252C%25E9%25A2%2584%25E6%25B5%258B%252Cpc%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258C%2597%25E4%25BA%25AC%252C%25E8%25B5%25B0%25E5%258A%25BF%252C%25E7%25BB%2593%25E6%259E%259C%252C%25E7%25BB%2584%25E5%2590%2588&cu=http%253A%252F%252Fjkz168.com%252F%253Ffizyvg%253Dl0a5u&pu=http%253A%252F%252Fjkz168.com%252F&nd=1&ud=8f5a2c54-5970-4510-a66c-7828c87716b3&sd=42ecfc81-6f8c-4dae-9d31-444ed8177f92 IP103.216.152.88:443 ASN#137697 CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China.
Requested by: http://jkz168.com/?fizyvg=l0a5u
Certificate: Issuer: Let's Encrypt; Subject: meihutj.shangshangqian.cc; Fingerprint: BD:4E:0E:15:1C:A0:40:DD:A4:9E:C8:47:2E:5A:22:D1:C8:85:5E:8B; Validity: Wed, 03 Apr 2024 15:11:20 GMT - Tue, 02 Jul 2024 15:11:19 GMT
File type: PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 96478865e4d936a9dd48927bbd1ab94d 2aeaea56cda10046df20b3baf7aa8927a83f731f 41edeeecbdbd5163d4a0662774072df84c51238f2e648e6fbd5e101d8bc900c6
GET /aj/go1?id=33268664312664064&rt=1713999689415&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25B0%258F%25E7%2599%25BD%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E3%2580%2590jkz168.com%25E3%2580%2591%25E4%25B8%2593%25E4%25B8%259A%25E6%258F%2590%25E4%25BE%259B%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E3%2580%2581%25E5%25B9%25B8%25E8%25BF%25902&ing=1&ekc=&sid=1713999689415&tt=%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E9%25A2%2584%25E6%25B5%258B%2520%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A728%25E5%259C%25A8%25E7%25BA%25BF%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%2520%25E6%259E%2581%25E8%2587%25B4%25E7%2581%25AB%25E7%2583%25AD%25E4%25BC%2598%25E8%25B4%25A8%25E7%259A%2584%25E5%2585%258D%25E8%25B4%25B9%25E9%25A2%2584%25E6%25B5%258B%25E7%25BD%2591%25E7%25AB%2599-%25E5%25B0%258F%25E7%2599%25BD%25E5%25A4%25A7%25E7%25A5%259E28%25E9%25A2%2584%25E6%25B5%258B&kw=%25E5%25B9%25B8%25E8%25BF%2590%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258A%25A0%25E6%258B%25BF%25E5%25A4%25A7%25E9%25A2%2584%25E6%25B5%258B%252C%25E9%25A2%2584%25E6%25B5%258B%252Cpc%25E9%25A2%2584%25E6%25B5%258B%252C%25E5%258C%2597%25E4%25BA%25AC%252C%25E8%25B5%25B0%25E5%258A%25BF%252C%25E7%25BB%2593%25E6%259E%259C%252C%25E7%25BB%2584%25E5%2590%2588&cu=http%253A%252F%252Fjkz168.com%252F%253Ffizyvg%253Dl0a5u&pu=http%253A%252F%252Fjkz168.com%252F&nd=1&ud=8f5a2c54-5970-4510-a66c-7828c87716b3&sd=42ecfc81-6f8c-4dae-9d31-444ed8177f92 HTTP/1.1
Host: meihutj.shangshangqian.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 23:00:24 GMT
content-type: image/png
content-length: 139
cache-control: no-cache
X-Firefox-Spdy: h2
| jkz168.com/static/fonts/Quantico.ttf | 23.225.23.85 | 200 OK | 35 kB |
URL: GET HTTP/1.1 jkz168.com/static/fonts/Quantico.ttf
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: TrueType Font data, 19 tables, 1st "FFTM", 22 names, Macintosh, type 1 string, Quantico Regular Webfont
Hashes (MD5, SHA-1, SHA-256): 3782819f711dee324425cbe6c063e645 ec6641ccd299ac542b05ba4508fab3775a8ab7c9 0fbcc11387d5bab23157f83af4ab5fd0d28a76a72f1475cb5b8f2fe5b5aab534
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/fonts/Quantico.ttf HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://jkz168.com/static/css/style.css
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1; __tins__21722297=%7B%22sid%22%3A%201713999688731%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201714001488731%7D; __51cke__=; __51laig__=1; __stins__33268664312664064=%7B%22sid%22%3A%201713999689415%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201714001489415%7D; __stud__33268664312664064=%7B%22val%22%3A%20%228f5a2c54-5970-4510-a66c-7828c87716b3%22%7D; __stsd__33268664312664064=%7B%22val%22%3A%20%2242ecfc81-6f8c-4dae-9d31-444ed8177f92%22%7D; __stcke__=; __stlaig__=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:29 GMT
Content-Type: application/octet-stream
Content-Length: 34776
Last-Modified: Fri, 29 May 2020 14:50:22 GMT
Connection: keep-alive
ETag: "5ed1212e-87d8"
Accept-Ranges: bytes
| jkz168.com/favicon.ico | 23.225.23.85 | | 9.1 kB |
IP: 23.225.23.85:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hashes (MD5, SHA-1, SHA-256): 52defdaf751019bfa6dd666b465f5f42 33d975121c9fe3047fa701bceea61fb7ba060528 11a9df441b5b4f43f14a59e27d29f55bb692c89bdc1cc3689167be4b28d8d04c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://jkz168.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Location: /favicon.ico
Connection: Close
| jkz168.com/static/img/mi/favicon.ico | 23.225.23.85 | 200 OK | 4.3 kB |
URL: GET HTTP/1.1 jkz168.com/static/img/mi/favicon.ico
IP: 23.225.23.85:80
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hashes (MD5, SHA-1, SHA-256): bb442c570a3ecd2337350794e991fd90 91bffb6f2d37f128743c577ba7c0971cbd630068 bffcb5dd509cd73ca1ccfdefc67c72b8973095ae2706c75b63d4eae0960361c6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/img/mi/favicon.ico HTTP/1.1
Host: jkz168.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88afb984451a382f86704123550eb6f1; __tins__21722297=%7B%22sid%22%3A%201713999688731%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201714001488731%7D; __51cke__=; __51laig__=1; __stins__33268664312664064=%7B%22sid%22%3A%201713999689415%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201714001489415%7D; __stud__33268664312664064=%7B%22val%22%3A%20%228f5a2c54-5970-4510-a66c-7828c87716b3%22%7D; __stsd__33268664312664064=%7B%22val%22%3A%20%2242ecfc81-6f8c-4dae-9d31-444ed8177f92%22%7D; __stcke__=; __stlaig__=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 24 Apr 2024 23:01:30 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Sat, 01 Oct 2022 11:19:37 GMT
Connection: keep-alive
ETag: "63382249-10be"
Accept-Ranges: bytes
| images.htqwhj.com/28yc/Frame10278.png | 103.149.144.197 | 200 OK | 50 kB |
URL: GET HTTP/1.1 images.htqwhj.com/28yc/Frame10278.png
IP: 103.149.144.197:80
ASN: #151193 Shandong Deju Information Technology Co Ltd
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: PNG image data, 1024 x 274, 8-bit colormap, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 3541f3bdf8c5602a6d639636a031d4aa e277c175f82e60b47cff046a46b13ef0d647dbb6 dea4d66cfb05388e93bc08ece036985395cde13ca31b2e2c6abdcf5f76a14baf
GET /28yc/Frame10278.png HTTP/1.1
Host: images.htqwhj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://jkz168.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 23:01:30 GMT
Content-Type: image/png
Content-Length: 49559
Last-Modified: Mon, 15 Apr 2024 14:22:27 GMT
Connection: keep-alive
ETag: "661d3823-c197"
Expires: Fri, 24 May 2024 23:01:30 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Alt-Svc: quic=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS
Accept-Ranges: bytes
| images.htqwhj.com/sz/kymn.gif | 103.149.144.197 | 200 OK | 148 kB |
URL: GET HTTP/1.1 images.htqwhj.com/sz/kymn.gif
IP: 103.149.144.197:80
ASN: #151193 Shandong Deju Information Technology Co Ltd
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: GIF image data, version 89a, 1120 x 300
Size: 148 kB (148309 bytes)
Hashes (MD5, SHA-1, SHA-256): 8bc9212e0c9b9771950b4e4917039d24 716d387a508bf0d645ecbfb7d5b2904446254fc7 f5a61a3d6c7d05d77c954ea2d81f2623c6960ebd0e380863c79e9cf29f177585
GET /sz/kymn.gif HTTP/1.1
Host: images.htqwhj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://jkz168.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 23:01:30 GMT
Content-Type: image/gif
Content-Length: 148309
Last-Modified: Mon, 15 Apr 2024 17:21:42 GMT
Connection: keep-alive
ETag: "661d6226-24355"
Expires: Fri, 24 May 2024 23:01:30 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Alt-Svc: quic=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS
Accept-Ranges: bytes
| images.htqwhj.com/zf/1zfgghf.gif | 103.149.144.197 | 200 OK | 187 kB |
URL: GET HTTP/1.1 images.htqwhj.com/zf/1zfgghf.gif
IP: 103.149.144.197:80
ASN: #151193 Shandong Deju Information Technology Co Ltd
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: GIF image data, version 89a, 1120 x 350
Size: 187 kB (186956 bytes)
Hashes (MD5, SHA-1, SHA-256): 771d8646eac3abb295dc9d1e65ec02a8 8c62c46cc6254a7177f5b2f0473481e069b2b816 8f561848dcea4875d371e20792bf76785fecd907b05ada378ad2ad29d2bea65b
GET /zf/1zfgghf.gif HTTP/1.1
Host: images.htqwhj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://jkz168.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 23:01:30 GMT
Content-Type: image/gif
Content-Length: 186956
Last-Modified: Mon, 15 Apr 2024 17:34:28 GMT
Connection: keep-alive
ETag: "661d6524-2da4c"
Expires: Fri, 24 May 2024 23:01:30 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Alt-Svc: quic=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS
Accept-Ranges: bytes
| images.htqwhj.com/28yc/Frame-1029.gif | 103.149.144.197 | 200 OK | 710 kB |
URL: GET HTTP/1.1 images.htqwhj.com/28yc/Frame-1029.gif
IP: 103.149.144.197:80
ASN: #151193 Shandong Deju Information Technology Co Ltd
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: GIF image data, version 89a, 4480 x 1200
Size: 710 kB (710197 bytes)
Hashes (MD5, SHA-1, SHA-256): 605e4d463a2d0ece595cc42db3c76345 79a8bf11bc8d79718a4ee0c02dad5032626ab7fe cb88b142bbd8cf0d2a692c91edc97642cf3caadab1f3f6a03087e1da78c9f8d5
GET /28yc/Frame-1029.gif HTTP/1.1
Host: images.htqwhj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://jkz168.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 23:01:30 GMT
Content-Type: image/gif
Content-Length: 710197
Last-Modified: Mon, 15 Apr 2024 14:22:22 GMT
Connection: keep-alive
ETag: "661d381e-ad635"
Expires: Fri, 24 May 2024 23:01:30 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Alt-Svc: quic=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS
Accept-Ranges: bytes
| images.htqwhj.com/ch/qf.gif | 103.149.144.197 | 200 OK | 711 kB |
URL: GET HTTP/1.1 images.htqwhj.com/ch/qf.gif
IP: 103.149.144.197:80
ASN: #151193 Shandong Deju Information Technology Co Ltd
Requested by: http://jkz168.com/?fizyvg=l0a5u
File type: GIF image data, version 89a, 2240 x 600
Size: 711 kB (711388 bytes)
Hashes (MD5, SHA-1, SHA-256): b1819e408f3ed16afd52ff18a28bf30e e07ea8d15e732b420fa1723d3a7b16b9f5def47e dd73a42c6916ac9183270385f4cac36019db49bf13aee75eb439aab74f33d877
GET /ch/qf.gif HTTP/1.1
Host: images.htqwhj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://jkz168.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 23:01:30 GMT
Content-Type: image/gif
Content-Length: 711388
Last-Modified: Mon, 15 Apr 2024 16:26:50 GMT
Connection: keep-alive
ETag: "661d554a-adadc"
Expires: Fri, 24 May 2024 23:01:30 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Alt-Svc: quic=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS
Accept-Ranges: bytes