wxtdjs.com/yhtz1.js
38.177.159.139 200 OK 956 B IP 38.177.159.139:80
File type HTML document, ASCII text
MD5 a1bfcc3cccdb75b290fed74730ef3e61
SHA-1 26dc29f53aa86050ba6e86d98d03203bf0e68540
SHA-256 e064785bace8584c07e020d887970da67007619075aba0528eaa0a77a722881b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /yhtz1.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:53 GMT
Content-Type: application/javascript
Content-Length: 956
Last-Modified: Mon, 22 Apr 2024 07:55:58 GMT
Connection: keep-alive
ETag: "6626180e-3bc"
Expires: Fri, 26 Apr 2024 18:31:53 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
38.177.159.139 200 OK 64 kB URL User Request GET HTTP/1.1 IP 38.177.159.139:80
File type HTML document, ASCII text, with very long lines (33695)
MD5 b9271b0b167c70e9fb4f102671f626db
SHA-1 082d445285d7d70f38bd2a7673be71d90da3e598
SHA-256 b80eedf1a13087b5a91a0c81daf46b1f399c291158fbd993d041b8934e6ac0a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:53 GMT
Content-Type: text/html
Last-Modified: Mon, 15 Apr 2024 09:46:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"661cf76f-4b34b"
Content-Encoding: gzip
wxtdjs.com/static/css/graphic1.css
38.177.159.139 200 OK 3.7 kB URL GET HTTP/1.1 wxtdjs.com/static/css/graphic1.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (1137), with CR, LF line terminators
MD5 caf4d68b04308de2b4db1d8ed5179fe3
SHA-1 da63673bddb6fb1615bd65c76364b9fab8aca6ec
SHA-256 8c603b2160dd36c874882bb88247de6da17a211ce648f00a7ce714a661cbd83a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/graphic1.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:54 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df30-422b"
Expires: Fri, 26 Apr 2024 18:31:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/style.css
38.177.159.139 200 OK 875 B URL GET HTTP/1.1 wxtdjs.com/static/css/style.css
IP 38.177.159.139:80
MD5 006fdd4bbc4686dcd5d61b0da1e07027
SHA-1 69e9a6d25f661fda9c2f78315ee4c20a4ef60538
SHA-256 b3d99842f60a019e24be9a9d155e7531964e23a0d63f254c95e3d7df2429eb98
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/style.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:54 GMT
Content-Type: text/css
Content-Length: 875
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Connection: keep-alive
ETag: "6618df56-36b"
Expires: Fri, 26 Apr 2024 18:31:54 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/css/rlkkKBqikiRlnSrppoRljSjprkilRliSjlomkrRljSjrrlrkiqkokqRriSrqpmrrnorrrrSRjl.css
38.177.159.139 200 OK 9.1 kB URL GET HTTP/1.1 wxtdjs.com/static/css/rlkkKBqikiRlnSrppoRljSjprkilRliSjlomkrRljSjrrlrkiqkokqRriSrqpmrrnorrrrSRjl.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (65536), with no line terminators
MD5 4de63880c6bf3842bedf00abef0c520a
SHA-1 296cd9b778ae4164a65e6fb8213b8c15a36d2f68
SHA-256 85c59d1c831738ba033dd0b032d7a2df4b5ee0c4abb90dfff9dad725aee5729f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/rlkkKBqikiRlnSrppoRljSjprkilRliSjlomkrRljSjrrlrkiqkokqRriSrqpmrrnorrrrSRjl.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:54 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df32-1b012"
Expires: Fri, 26 Apr 2024 18:31:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
sdk.51.la/js-sdk-pro.min.js
47.246.44.241 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.241:80
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
MD5 24bb520e9517f2ed3ed987b46aeaf723
SHA-1 846723563d7dd2bff3954f93633b11af0103adc8
SHA-256 d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Wed, 17 Apr 2024 02:56:06 GMT
x-oss-request-id: 661F3A46A554993430118686
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1713322566
Via: cache15.l2de2[0,0,304-0,H], cache6.l2de2[0,0], ens-cache18.se2[0,0,200-0,H], ens-cache13.se2[0,0]
Vary: Accept-Encoding
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 790440
X-Cache: HIT TCP_MEM_HIT dirn:10:322730086
X-Swift-SaveTime: Wed, 17 Apr 2024 02:56:06 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62ca117141130065331210e
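The responses recorded so far carry integrity metadata that can be cross-checked against the hashes the sandbox reports, which is how an analyst confirms the recorded digest is of the bytes the server actually sent. nginx builds its ETag as "<mtime hex>-<size hex>" ("6626180e-3bc" on yhtz1.js is 2024-04-22 07:55:58 UTC and 956 bytes, matching Last-Modified and Content-Length); the weak W/ tags on the gzip-encoded responses carry the same payload, so W/"661cf76f-4b34b" on the index page still reveals the uncompressed size (308043 bytes) although only 64 kB crossed the wire. The Tengine/OSS response for sdk.51.la adds a base64 Content-MD5, and the OCSP responder's Etag is the body's SHA-1. The Python below is an added example, not part of the scan report or of any tool it came from; the ETag layout is nginx's own behaviour, and every value it checks is copied from the listing.

```python
import base64
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime


def decode_nginx_etag(etag: str):
    """nginx forms its ETag as "<mtime hex>-<size hex>" from the static file's
    last-modified time and byte length. The W/ prefix (added when the body is
    gzip-encoded on the fly) carries the same payload, so a weak tag still
    reveals the uncompressed file size. Returns (aware UTC datetime, size)."""
    tag = etag.strip()
    if tag.startswith("W/"):
        tag = tag[2:]
    mtime_hex, size_hex = tag.strip('"').split("-")
    return (datetime.fromtimestamp(int(mtime_hex, 16), tz=timezone.utc),
            int(size_hex, 16))


def check_nginx_etag(etag: str, last_modified: str, content_length=None):
    """Cross-check the ETag against Last-Modified and, for non-chunked
    responses, Content-Length. A mismatch means the tag is not stock nginx
    output: a CDN or proxy rewrote it, or the Server header is a disguise.
    Returns (consistent, mtime, size)."""
    mtime, size = decode_nginx_etag(etag)
    time_ok = mtime == parsedate_to_datetime(last_modified)
    size_ok = content_length is None or size == content_length
    return time_ok and size_ok, mtime, size


def content_md5_hex(header_value: str) -> str:
    """Content-MD5 (RFC 1864) is the base64 of the raw 16-byte MD5 digest of
    the entity body; return it in the hex form sandboxes report."""
    return base64.b64decode(header_value).hex()


def etag_matches_sha1(etag: str, sha1_hex: str) -> bool:
    """Some services (the Sectigo OCSP responder here) use the body's SHA-1 as
    the ETag; a match confirms the recorded hash covers the bytes served."""
    return etag.strip().strip('"').lower() == sha1_hex.lower()


if __name__ == "__main__":
    # All values below are taken from the responses in the listing.
    ok, mtime, size = check_nginx_etag('"6626180e-3bc"',
                                       "Mon, 22 Apr 2024 07:55:58 GMT", 956)
    print("yhtz1.js ETag consistent:", ok, mtime.isoformat(), size)
    ok, mtime, size = check_nginx_etag('W/"661cf76f-4b34b"',
                                       "Mon, 15 Apr 2024 09:46:23 GMT")
    print("index page ETag consistent:", ok, "uncompressed bytes:", size)
    print("sdk.51.la Content-MD5 ->", content_md5_hex("JLtSDpUX8u0+2Ye0aur3Iw=="))
    print("OCSP Etag is body SHA-1:",
          etag_matches_sha1('"79fd36f313db0c7873bc692df51033ffcf9b89da"',
                            "79fd36f313db0c7873bc692df51033ffcf9b89da"))
```

The check is only meaningful for servers whose ETag scheme is known; for anything else the decode will produce a date and size that happen to parse but mean nothing, so treat a failed check as "not stock nginx", not as proof of tampering.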
wxtdjs.com/static/css/css-Open20Sans.css
38.177.159.139 200 OK 1.6 kB URL GET HTTP/1.1 wxtdjs.com/static/css/css-Open20Sans.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (1572)
MD5 66899d34d8d7db7c79fc568762f667c1
SHA-1 46cb3ca5c121f77fe698a764195bc15271ba9eab
SHA-256 ec3dbe341e20a7d910b4b18d65f42d023aaf0db3ca1bdb5e9f18795b4740cd69
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/css-Open20Sans.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:54 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df2e-1546"
Expires: Fri, 26 Apr 2024 18:31:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/css-Poppins300400500_swap.css
38.177.159.139 200 OK 411 B URL GET HTTP/1.1 wxtdjs.com/static/css/css-Poppins300400500_swap.css
IP 38.177.159.139:80
MD5 4efd79811d2e1ca089d96b1feef948e1
SHA-1 c0c7da43051bb1da7da04c9c7232ba3df8823d09
SHA-256 e8119370f86ccc7f7b00efbb6f1a362352c118cb055014e6cb0a4e2e7e6bf2f5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/css-Poppins300400500_swap.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:54 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df30-877"
Expires: Fri, 26 Apr 2024 18:31:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/block_22864.css
38.177.159.139 200 OK 14 kB URL GET HTTP/1.1 wxtdjs.com/static/css/block_22864.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (4224), with CR, LF line terminators
MD5 2c20277c0d6abe34b7b4f7dc9ef583d7
SHA-1 06598237267ff9b2a87cc72e08dce2ad90538d6a
SHA-256 cf8ffca495464b5279cbd3cfd87f68c2ba34e616c0999ff08e2c3ab915f4c6da
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/block_22864.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:54 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df32-ddd1"
Expires: Fri, 26 Apr 2024 18:31:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/speedLazyLoad4.min.js
38.177.159.139 200 OK 5.9 kB URL GET HTTP/1.1 wxtdjs.com/static/js/speedLazyLoad4.min.js
IP 38.177.159.139:80
File type JavaScript source, Unicode text, UTF-8 text
MD5 5c6c28962c3d3c35eb2d915b1022f8dd
SHA-1 054ca32e119d3a8623db9c805cc1dc41fd8d0733
SHA-256 d79fbb26183c63fa4f9222b570f8928c872e71309e55f06d3f744aed5eddec7f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/speedLazyLoad4.min.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:54 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df88-6211"
Expires: Fri, 26 Apr 2024 18:31:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/prodsearch.css
38.177.159.139 200 OK 67 kB URL GET HTTP/1.1 wxtdjs.com/static/css/prodsearch.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (4224), with CR, LF line terminators
MD5 b851148c9270c8e2caaee8c424169eab
SHA-1 906c3853d316936b243093ed65509aa155224928
SHA-256 1a32bb2171de2db177c7f3679840da74e9481c6445e07576d1c0a93ba00939bd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/prodsearch.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:54 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df58-539b4"
Expires: Fri, 26 Apr 2024 18:31:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/vue_2_6_11.js
38.177.159.139 200 OK 26 kB URL GET HTTP/1.1 wxtdjs.com/static/js/vue_2_6_11.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (64788), with CRLF line terminators
MD5 dbeb843a7fb3c44653f72da6e559cb19
SHA-1 0b0c6d18da1abd48414f8ca0ab6c834785da6653
SHA-256 50932c269aff0c85f21351858a24b4f749d63b8a0382c9e2ed9d83c17840e38a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/vue_2_6_11.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:54 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-fd70"
Expires: Fri, 26 Apr 2024 18:31:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
zerossl.ocsp.sectigo.com/
104.18.38.233 727 B URL zerossl.ocsp.sectigo.com/
IP 104.18.38.233:0
MD5 95da51ccf8206d6f97ae5dbb968e0e8f
SHA-1 79fd36f313db0c7873bc692df51033ffcf9b89da
SHA-256 02046c161a7ecfe4bd0fc280eafb0b99cb8bdfb78d019bbbaae7c913c8bdbc06
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 06:30:07 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 24 Apr 2024 11:14:42 GMT
Expires: Wed, 01 May 2024 11:14:41 GMT
Etag: "79fd36f313db0c7873bc692df51033ffcf9b89da"
Cache-Control: max-age=448473,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87a485b7abde712d-OSL
wxtdjs.com/static/picture/0.jpg
38.177.159.139 200 OK 1.4 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/0.jpg
IP 38.177.159.139:80
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 21x14, components 3
MD5 57961f920e15d54e0c9f87ff9e4fa5cb
SHA-1 01e3a83b0af68dd7700cf7fb3b981746467ecd28
SHA-256 7ad056818264eae496d36301945919d6aa730b0099ce159f92f90010cec07cf1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/0.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: image/jpeg
Content-Length: 1421
Last-Modified: Fri, 12 Apr 2024 06:48:52 GMT
Connection: keep-alive
ETag: "6618d954-58d"
Expires: Sun, 26 May 2024 06:31:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/logo.png
38.177.159.139 200 OK 7.8 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/logo.png
IP 38.177.159.139:80
File type PNG image data, 58 x 70, 8-bit/color RGBA, non-interlaced
MD5 ea494c078c378d83683cca53fc29cecf
SHA-1 0a43df9a39a16dd72261f8ac5e8eeb834da8fd1c
SHA-256 5bc4f313bf7c4195f41187a78d3bb44aef140841b698fff7df5b52c463fed07d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/logo.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: image/png
Content-Length: 7778
Last-Modified: Fri, 12 Apr 2024 07:00:42 GMT
Connection: keep-alive
ETag: "6618dc1a-1e62"
Expires: Sun, 26 May 2024 06:31:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/font/pxiEyp8kv8JHgFVrJJfecg.woff2
38.177.159.139 200 OK 7.9 kB URL GET HTTP/1.1 wxtdjs.com/static/font/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 38.177.159.139:80
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
MD5 9212f6f9860f9fc6c69b02fedf6db8c3
SHA-1 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
SHA-256 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/font/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/css-Poppins300400500_swap.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: font/woff2
Content-Length: 7884
Last-Modified: Fri, 12 Apr 2024 07:12:58 GMT
Connection: keep-alive
ETag: "6618defa-1ecc"
Accept-Ranges: bytes
wxtdjs.com/static/image/solution-icon1.png
38.177.159.139 200 OK 4.3 kB URL GET HTTP/1.1 wxtdjs.com/static/image/solution-icon1.png
IP 38.177.159.139:80
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
MD5 88985069399d4c510d06340512717932
SHA-1 ed37c23f91626c3ad278238ab53791d5deae8cbe
SHA-256 328602209e0a72f4cad6a251de88a3c0f6f340b34cc69a1597c4260b4e94ed7a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/solution-icon1.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/rlkkKBqikiRlnSrppoRljSjprkilRliSjlomkrRljSjrrlrkiqkokqRriSrqpmrrnorrrrSRjl.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: image/png
Content-Length: 4312
Last-Modified: Fri, 12 Apr 2024 07:09:10 GMT
Connection: keep-alive
ETag: "6618de16-10d8"
Expires: Sun, 26 May 2024 06:31:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/image/solution-icon3.png
38.177.159.139 200 OK 4.7 kB URL GET HTTP/1.1 wxtdjs.com/static/image/solution-icon3.png
IP 38.177.159.139:80
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
MD5 00136d0cf0be342629b9f6c304dfc1df
SHA-1 05e3ec1c1e083b14e8fc2f41d79e881982cf27a8
SHA-256 1130469b2114e36d6b1ca1624f78164a8f5ae9bf4c830b52e4804deb5b100be1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/solution-icon3.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/rlkkKBqikiRlnSrppoRljSjprkilRliSjlomkrRljSjrrlrkiqkokqRriSrqpmrrnorrrrSRjl.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: image/png
Content-Length: 4723
Last-Modified: Fri, 12 Apr 2024 07:09:10 GMT
Connection: keep-alive
ETag: "6618de16-1273"
Expires: Sun, 26 May 2024 06:31:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/font/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
38.177.159.139 200 OK 7.7 kB URL GET HTTP/1.1 wxtdjs.com/static/font/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 38.177.159.139:80
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
MD5 a09f2fccfee35b7247b08a1a266f0328
SHA-1 0da2d17e738f46d2a09e6fb7969da451719a9820
SHA-256 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/font/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/css-Poppins300400500_swap.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: font/woff2
Content-Length: 7748
Last-Modified: Fri, 12 Apr 2024 07:12:50 GMT
Connection: keep-alive
ETag: "6618def2-1e44"
Accept-Ranges: bytes
collect-v6.51.la/v6/collect?dt=4
203.107.86.226 403 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
MD5 d41d8cd98f00b204e9800998ecf8427e (digest of the empty body)
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 (digest of the empty body)
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digest of the empty body)
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 349
Origin: http://wxtdjs.com
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Fri, 26 Apr 2024 06:30:08 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=85a250e375c17fb07694e46498762de943aec4b9c0fc24c4d215f3d3aab9e901; Path=/; HttpOnly
Set-Cookie: acw_tc=ac11000117141130080036034eac6dc3a64a4b768b28720a420b900614a776;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://wxtdjs.com
Access-Control-Allow-Credentials: true
wxtdjs.com/static/js/jquery-1.11.0.concat.js
38.177.159.139 200 OK 48 kB URL GET HTTP/1.1 wxtdjs.com/static/js/jquery-1.11.0.concat.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (1406)
MD5 1d1fbdf94c159149de3412e8a3aeb3e3
SHA-1 0cdb547b3bc8f84054b5de9bf4b900447acc81fb
SHA-256 2db06e88bdd9a76cbe0aa0cd8f41da2813649392671ac6cdb25fe68dc00b6cc8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/jquery-1.11.0.concat.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df84-1e17f"
Expires: Fri, 26 Apr 2024 18:31:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/ltm-web-1709800650000.js
38.177.159.139 200 OK 13 kB URL GET HTTP/1.1 wxtdjs.com/static/js/ltm-web-1709800650000.js
IP 38.177.159.139:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (10335), with CRLF, LF line terminators
MD5 117fe763e0efb7c626df5da82fa7cd19
SHA-1 9abccc945528903990f0bb61b9872079d4fad3de
SHA-256 e69bb1baa075d4bfda067de0962d917d95a108fc848056c7eefefbf70c5eb2e9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/ltm-web-1709800650000.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:56 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-c377"
Expires: Fri, 26 Apr 2024 18:31:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/font/fontawesome-webfont.woff2
38.177.159.139 200 OK 77 kB URL GET HTTP/1.1 wxtdjs.com/static/font/fontawesome-webfont.woff2
IP 38.177.159.139:80
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
MD5 af7ae505a9eed503f8b8e6982036873e
SHA-1 d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
SHA-256 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/font/fontawesome-webfont.woff2 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/prodsearch.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:56 GMT
Content-Type: font/woff2
Content-Length: 77160
Last-Modified: Fri, 12 Apr 2024 07:13:16 GMT
Connection: keep-alive
ETag: "6618df0c-12d68"
Accept-Ranges: bytes
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/index.b71c1459.css
20.2.31.84 200 OK 32 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/index.b71c1459.css
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint (SHA-1) C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
MD5 0ba35f530785631fe918ce29bc8c7272
SHA-1 974ba510e3ca6071be8bf9e494003a19d5a62dc1
SHA-256 0e589e07ea020db170558d98ecf15a76e0a6cb5e24685e4158e40d9867ad4f89
GET /fuhua/static/index.b71c1459.css HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:07 GMT
content-type: text/css
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
vary: Accept-Encoding
etag: W/"65f6a11a-178fe"
cache-control: max-age=43200
content-encoding: gzip
x-country: NO
x-cache: HIT@whopperm3000000
X-Firefox-Spdy: h2
wxtdjs.com/static/picture/weixintupian_20240207153042.jpg
38.177.159.139 200 OK 488 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/weixintupian_20240207153042.jpg
IP 38.177.159.139:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1500x824, components 3
Size 488 kB (488107 bytes)
MD5 07f688b507d882c2503c632a1f0823ac
SHA-1 eb34c2fdfa80b909fc21892a8d96b8d55cd79fb9
SHA-256 bdaf9e854304634dff007ab6c0c448411c1042459daa67ab0e8f395fea34a536
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/weixintupian_20240207153042.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: image/jpeg
Content-Length: 488107
Last-Modified: Fri, 12 Apr 2024 06:49:06 GMT
Connection: keep-alive
ETag: "6618d962-772ab"
Expires: Sun, 26 May 2024 06:31:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/home_act.png
20.2.31.84 200 OK 708 B URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/home_act.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint (SHA-1) C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced
MD5 e9ac78b5bb4e4a384451d26b13dde8d9
SHA-1 eddd419595cdc508a57738d0d95b2bb6f7dcd65e
SHA-256 138dae11f8c964edcc3e4fd92e1e34a8c92ac1020f8686aab2ede2de56cd42c2
GET /fuhua/static/images/tabbar/home_act.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: image/png
content-length: 708
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-2c4"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/quotes_nor.png
20.2.31.84 200 OK 628 B URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/quotes_nor.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced
Hash 4386be2a22bb73c5b450243f0edb6ec7
64c78d5bd644da179675306ac428001e2560a6f3
9c9d1934770b2efdca36cfcf8bde45283225c231d10c599e39b06b2de7c17a3e
GET /fuhua/static/images/tabbar/quotes_nor.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: image/png
content-length: 628
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-274"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/news_nor.png
20.2.31.84 200 OK 571 B URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/news_nor.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced
Hash 45c3542df666001144e3f4b92a174c66
268575a2a60a0a140e375f5913505c5010f07758
68144366edc7c1572cfc666f404c061df7b6454e0024c3a11b2d8c5e04503f4b
GET /fuhua/static/images/tabbar/news_nor.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: image/png
content-length: 571
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-23b"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/contract_nor.png
20.2.31.84 200 OK 857 B URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/contract_nor.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced
Hash de274fc0fb3bb46f7202b0aea18934ef
8dfb783af6a1f3a1e80ed593b9aa17e8be2e0d74
1ba247dcd44fe00f34acf2bf550a87d84707028b56bc7f28168404a2284bf054
GET /fuhua/static/images/tabbar/contract_nor.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: image/png
content-length: 857
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-359"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/my_nor.png
20.2.31.84 200 OK 714 B URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/tabbar/my_nor.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced
Hash 70f1aebb125dd5c1b4acbac3449fd360
73041c35322759cba30eeb637fd4dcf5c731486b
4e53b729b68615461649a3cf02ed9b0908b48ecf7c27d07a289430e384674a81
GET /fuhua/static/images/tabbar/my_nor.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: image/png
content-length: 714
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-2ca"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
ld-analytics.micyjz.com/collect?p_t=pageView&p_s=1280x1024&p_v=1280x1024&p_u=http%253A%252F%252Fwxtdjs.com%252F&p_cId=5a4e667532457665484233546f4a4736552b2f4768497371316d684530477431&p_vid=f16c6d4f-d16e-4624-9c59-f65c3dee7ca2&p_tzone=UTC%2B0&p_uid=f9b6d765.2061654070&p_r=&p_st=1714113009425&p_lang=en-US&p_menu_prefix=&p_lanEdition=EN_US&p_sViewMode=true&p_singlePublish=false&_=1714113009425a23
54.230.111.120 403 Forbidden 111 B URL GET HTTP/1.1 ld-analytics.micyjz.com/collect?p_t=pageView&p_s=1280x1024&p_v=1280x1024&p_u=http%253A%252F%252Fwxtdjs.com%252F&p_cId=5a4e667532457665484233546f4a4736552b2f4768497371316d684530477431&p_vid=f16c6d4f-d16e-4624-9c59-f65c3dee7ca2&p_tzone=UTC%2B0&p_uid=f9b6d765.2061654070&p_r=&p_st=1714113009425&p_lang=en-US&p_menu_prefix=&p_lanEdition=EN_US&p_sViewMode=true&p_singlePublish=false&_=1714113009425a23
IP 54.230.111.120:80
Hash 61d1dece9df3805549e0008e47af3cc5
24dca2825dee7eaeab033066891fdb052d93b456
7f722b484acc557dbb321f19a80d20471be63ed6f7c55075eba18a716699327a
GET /collect?p_t=pageView&p_s=1280x1024&p_v=1280x1024&p_u=http%253A%252F%252Fwxtdjs.com%252F&p_cId=5a4e667532457665484233546f4a4736552b2f4768497371316d684530477431&p_vid=f16c6d4f-d16e-4624-9c59-f65c3dee7ca2&p_tzone=UTC%2B0&p_uid=f9b6d765.2061654070&p_r=&p_st=1714113009425&p_lang=en-US&p_menu_prefix=&p_lanEdition=EN_US&p_sViewMode=true&p_singlePublish=false&_=1714113009425a23 HTTP/1.1
Host: ld-analytics.micyjz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Fri, 26 Apr 2024 06:30:09 GMT
L-M: imBoqKVjkWViiWkrWVkiip
L-R-T: 2024-04-26 14:30:09
access-control-allow-origin: *
X-Cache: Error from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: e27mu9y2GIGN_WyHLOI5KDCgpHL7tThssiMkBR7yo1pHwVNejCCJBQ==
wxtdjs.com/static/js/phoenix_il8n_EN_US.js
38.177.159.139 200 OK 46 kB URL GET HTTP/1.1 wxtdjs.com/static/js/phoenix_il8n_EN_US.js
IP 38.177.159.139:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (622), with CRLF, CR, LF line terminators
Hash 3659c73d0b975cf9c26ab4b508f24575
56555ddf85ab98c32e5f902bb5ecf39d00791b38
9f443abc9ba093c020532ee35e613e25a924afa6d7e1817b3e1f75d5eef9829a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/phoenix_il8n_EN_US.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:56 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-33256"
Expires: Fri, 26 Apr 2024 18:31:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/picture/sit-stand-desks.jpg
38.177.159.139 200 OK 2.4 MB URL GET HTTP/1.1 wxtdjs.com/static/picture/sit-stand-desks.jpg
IP 38.177.159.139:80
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=2048, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=2048], progressive, precision 8, 2048x2048, components 3
Size 2.4 MB (2414097 bytes)
Hash 31acbc95745b22fd8a60ca9d349081ce
a93c68e94916884da865e443179fe7a23358d541
4d1ddde793e81f32dbda320ec3f2003b0d2a510e01e7cf9b18bd342d057f1b62
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/sit-stand-desks.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: image/jpeg
Content-Length: 2414097
Last-Modified: Fri, 12 Apr 2024 07:00:50 GMT
Connection: keep-alive
ETag: "6618dc22-24d611"
Expires: Sun, 26 May 2024 06:31:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/index.323f8a22.js
20.2.31.84 200 OK 73 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/index.323f8a22.js
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65420), with no line terminators
Hash 41a21cc42e7350666a9a4548672aaf63
2e6c272f48fa1f4901fad1edc2f461789f387673
1eb9260ce1bb45c2b305678329730d9174acdc01f52cf29e1fc04a350e8ab2a0
GET /fuhua/static/js/index.323f8a22.js HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:07 GMT
content-type: application/javascript
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
vary: Accept-Encoding
etag: W/"65f6a11a-1dfe5"
cache-control: max-age=43200
content-encoding: gzip
x-country: NO
x-cache: HIT@whopperm3000000
X-Firefox-Spdy: h2
wxtdjs.com/static/font/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
38.177.159.139 200 OK 7.8 kB URL GET HTTP/1.1 wxtdjs.com/static/font/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 38.177.159.139:80
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/font/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/css-Poppins300400500_swap.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:57 GMT
Content-Type: font/woff2
Content-Length: 7840
Last-Modified: Fri, 12 Apr 2024 07:12:50 GMT
Connection: keep-alive
ETag: "6618def2-1ea0"
Accept-Ranges: bytes
adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/sys_config/list
20.2.31.84 200 OK 9.8 kB URL POST HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/sys_config/list
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
Hash 906b007ce343d485749977c49e9a883c
58e04c78deb60e6abefd9988e76e27740fd4c8cf
d47807e91415153cd5ed2fd062f9a77e83f120e5cc7aeea29acbfd16234dca9d
POST /api/v1/sys_config/list HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1009
Origin: https://adhahd13.com.adak1.com.sdlak983.top:3443
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
x-country: NO
x-cache: @whopperm3000000
content-encoding: br
X-Firefox-Spdy: h2
wxtdjs.com/static/font/iconfont-1712625845416.woff2
38.177.159.139 200 OK 171 kB URL GET HTTP/1.1 wxtdjs.com/static/font/iconfont-1712625845416.woff2
IP 38.177.159.139:80
File type Web Open Font Format (Version 2), TrueType, length 171084, version 1.0
Size 171 kB (171084 bytes)
Hash e0a3cadae3af4619c4e845fe968f97ca
e4e883b961f8a56ebab062b742007f21e6006f37
7c9faaeb5fb6d104c5910723f42ce8891c564ae284fa71e1a6b2ff204c25ae91
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/font/iconfont-1712625845416.woff2 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/prodsearch.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: font/woff2
Content-Length: 171084
Last-Modified: Fri, 12 Apr 2024 07:13:18 GMT
Connection: keep-alive
ETag: "6618df0e-29c4c"
Accept-Ranges: bytes
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pagesD-navPage-aboutUs~pagesD-navPage-activePage~pagesD-navPage-agent~pagesD-navPage-allocation~page~a3e03958.ff073102.js
20.2.31.84 200 OK 33 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pagesD-navPage-aboutUs~pagesD-navPage-activePage~pagesD-navPage-agent~pagesD-navPage-allocation~page~a3e03958.ff073102.js
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash cdece4b018b1fe9bd9c8d6c40e20a327
fa6cda59ef8cffa196b6391a2b7c6889cf35a265
d9e79248a276aa619acd96c4f74843ce85e06ae384725edb46c136c0266ded0f
GET /fuhua/static/js/pagesD-navPage-aboutUs~pagesD-navPage-activePage~pagesD-navPage-agent~pagesD-navPage-allocation~page~a3e03958.ff073102.js HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: application/javascript
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
vary: Accept-Encoding
etag: W/"65f6a11a-972b"
cache-control: max-age=43200
content-encoding: gzip
x-country: NO
x-cache: HIT@whopperm3000000
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/01.png
20.2.31.84 200 OK 4.5 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/01.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced
Hash db6e9a181592a08e670b994bfdf6ba5f
7ec8815675b05c14d30b2ea3c76ad2b9cb8d11bb
dc3652a7ef7f5e2cd3b6a76ee0308f1f592c5f9a7ca2df96f41a2d7cb34829c4
GET /fuhua/static/images/pc/01.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 4483
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-1183"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pages-index-index~pagesD-navPage-index.292ec448.js
20.2.31.84 200 OK 9.5 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pages-index-index~pagesD-navPage-index.292ec448.js
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 0c8823cd31b0b1fc812e1cab6c08b224
955991533a88180e736ab13c64cba97bcf961402
ff9c151a9bfe8874ca95a41bd5c1788f9a08c793845471e67f117f559ec795de
GET /fuhua/static/js/pages-index-index~pagesD-navPage-index.292ec448.js HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: application/javascript
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
vary: Accept-Encoding
etag: W/"65f6a11a-5597"
cache-control: max-age=43200
content-encoding: gzip
x-country: NO
x-cache: HIT@whopperm3000000
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/03.png
20.2.31.84 200 OK 4.1 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/03.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced
Hash 5d47de43559c21a549d39ca273cdf800
d64ff5519d038ad868e642a0d2e1c51eba0d1886
132dc55551cd5003d53e24d067e2b4dcd90465dd31fb542d34a473a2b02cf858
GET /fuhua/static/images/pc/03.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 4090
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-ffa"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
at.alicdn.com/t/font_2225171_8kdcwk4po24.ttf
47.246.44.250 200 OK 56 kB URL GET HTTP/2 at.alicdn.com/t/font_2225171_8kdcwk4po24.ttf
IP 47.246.44.250:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer GlobalSign nv-sa
Subject *.tbcdn.cn
Fingerprint 29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2
Validity Tue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT
File type TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh,
Hash b716002bf601f727176ae7901bdf4e4f
e87c1130c27fa42d822c198f5ea8b633b5118b94
4bc8cc97559c0a52ea4f5ce0563e1bf3a7f89d660f74792e662e76d49eae4707
GET /t/font_2225171_8kdcwk4po24.ttf HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adhahd13.com.adak1.com.sdlak983.top:3443
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/octet-stream
content-length: 55940
date: Mon, 22 Apr 2024 13:20:15 GMT
x-oss-request-id: 6626640FFC091B3136EC25CD
vary: Origin
accept-ranges: bytes
etag: "B716002BF601F727176AE7901BDF4E4F"
last-modified: Fri, 24 Dec 2021 20:51:06 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10201830100077572647
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: txYAK/YB9ycXaueQG99OTw==
x-oss-server-time: 2
ali-swift-global-savetime: 1713792016
via: cache14.l2de2[0,0,200-0,H], cache19.l2de2[1,0], ens-cache20.se2[0,0,200-0,H], ens-cache4.se2[1,0]
age: 320994
x-cache: HIT TCP_HIT dirn:11:82038639
x-swift-savetime: Tue, 23 Apr 2024 00:23:04 GMT
x-swift-cachetime: 31064232
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9817141130106725122e
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/04.png
20.2.31.84 200 OK 4.9 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/04.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced
Hash d8dafdd83fc96f29bd49736b3612c0f1
0b1717a520103edb04bb8ef697841aa3b04c8559
0711bf2f8359888dbdb23dc8b2eee30709bd1d56a2bb24ef3eec46cf0bfbb855
GET /fuhua/static/images/pc/04.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 4903
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-1327"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/1.png
20.2.31.84 200 OK 25 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/1.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 174 x 166, 8-bit/color RGBA, non-interlaced
Hash ed41e03bb6bcef7ffa5acf877c0d6420
b2410ad1515987cb244fa6d6db98e6b2e4a221eb
1b356dcc31c8e4d91c13c96667906c00efbe163d8caf5e540e3e1e4631f1f7e1
GET /fuhua/static/images/pc/1.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 24753
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-60b1"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/2.png
20.2.31.84 200 OK 21 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/2.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 148 x 168, 8-bit/color RGBA, non-interlaced
Hash a6b5c5a4099f9c89efd4ffc5a601a3e7
d4224968adb44c5c5fe51d6b2a5526bd2858e647
223e1563a966556a6da9a0a5d9f0b7d9b2e872f85b2eaaa5004f80bc3b97a80d
GET /fuhua/static/images/pc/2.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 20750
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-510e"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/3.png
20.2.31.84 200 OK 20 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/3.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 204 x 164, 8-bit/color RGBA, non-interlaced
Hash 25b17ff44bea04b58686cd3a97998963
fcc6d203a6116f4cdba57f0a96a4ef80fbefc081
23dbc86611cc0105d4c4a1239e2ce8af4f62da614918ff4c0781a8e131c57915
GET /fuhua/static/images/pc/3.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 19915
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-4dcb"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/download.png
20.2.31.84200 OK 5.5 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/download.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Hash 460da08070c770f0d026c4d901169d14
d2631fb82e5c20d2ee6e816c761c05288f067a59
438022b8e011d0e526ad3f69c7e31d02a5b38fd052ae7a1e34e4d841e5ee1b1e
GET /fuhua/static/download.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 5461
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-1555"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240426/5c8070335c024f97d6eb67b458d12643.jpg
20.2.31.84 200 OK 22 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240426/5c8070335c024f97d6eb67b458d12643.jpg
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 262x258, components 3
Hash b2b4594d2de442635536aa249c3fe9ed
ea32396182bcfee786e1436e74c062ac6c0cefeb
0c7590bb76bf4434d6232ee0f2a3e549e8f65b96dca6c3d7048963b1fe4ab51a
GET /upload/20240426/5c8070335c024f97d6eb67b458d12643.jpg HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/jpeg
content-length: 22331
last-modified: Fri, 26 Apr 2024 06:06:39 GMT
etag: "573b-616f9b4f95a85"
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240313/a2c97e69368e3f05d039b59a1d444d7b.png
20.2.31.84 200 OK 7.3 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240313/a2c97e69368e3f05d039b59a1d444d7b.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 270 x 268, 8-bit/color RGBA, non-interlaced
Hash 969f291f6039e9ba69bb9f294539dfd8
de7dc7dd0093e3841a4ba9741ec648d041c6c000
47bca9dbdb57c7e6ebd7c76a8534e2683171ad43c9dc24badb06b4314f82bc43
GET /upload/20240313/a2c97e69368e3f05d039b59a1d444d7b.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 7279
last-modified: Wed, 13 Mar 2024 14:15:11 GMT
etag: "1c6f-6138b67195d26"
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/001.png
20.2.31.84 200 OK 6.6 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/001.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced
Hash c41f9469a32624464ee7e776dc5a1ad1
4b45e716433e4e5dcda96952b304ebbdc6c08d54
7ee9fdb57ce9d633d85e653777608548674c4c85d2e412f540d528bf765db147
GET /fuhua/static/001.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 6595
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-19c3"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/002.png
20.2.31.84 200 OK 6.6 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/002.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced
Hash 375c772e9f4092d3535d4b55cdfd8310
933d00eef43c251135793513529a0468285f6c9e
0ede6c5f628d6b5d7c0f1e9cf88ac4984945cb60ea4b7fab457f0c8de239f54a
GET /fuhua/static/002.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 6555
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-199b"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
wxtdjs.com/static/picture/CIFF-GUANGZHOU.jpg
38.177.159.139 200 OK 196 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/CIFF-GUANGZHOU.jpg
IP 38.177.159.139:80
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x800, components 3
Size 196 kB (196194 bytes)
Hash 917e2f15b01be8fbb591120268ddf145
897ad0cc6a6e6b35de0c9c041119689348dee309
95f5d6f042b5af51c1ff39c9900dd918aa27e0713ea94cede142f3255c1582bc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/CIFF-GUANGZHOU.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:58 GMT
Content-Type: image/jpeg
Content-Length: 196194
Last-Modified: Fri, 12 Apr 2024 07:00:34 GMT
Connection: keep-alive
ETag: "6618dc12-2fe62"
Expires: Sun, 26 May 2024 06:31:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/003.png
20.2.31.84 200 OK 6.6 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/003.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced
Hash 8425cf7403c7cf3d7514cbf9ef7d2fd3
6511f932dd7168d09769c2e0a152e3e363899413
2c905a439752dc291cc6032eb2f73afa4331e29bd670788cf998642dd52e577e
GET /fuhua/static/003.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 6640
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-19f0"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/004.png
20.2.31.84 200 OK 6.8 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/004.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced
Hash 0d7385a30142b1bde832483e6b32a27f
28c971d746aa905b973a86675b76d48485db5926
10ea0942d8d2f22c11406ca9cd57d6c4b791b14d47422fdad2cf73f26868574b
GET /fuhua/static/004.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 6756
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-1a64"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/005.png
20.2.31.84 200 OK 6.6 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/005.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced
Hash d6071adcd0912fe2ed1d04105d4e8a27
5ad0b62ca565f0d2a1a64604c44a9763f249a8fc
df5c32f5c40ce1d47eea253b118f5b8388f1d4f0fa3eeaa415ae991da08f4674
GET /fuhua/static/005.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 6618
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-19da"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
wxtdjs.com/static/image/solution-icon2.png
38.177.159.139 200 OK 5.9 kB URL GET HTTP/1.1 wxtdjs.com/static/image/solution-icon2.png
IP 38.177.159.139:80
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hash e1d00164b6e8ac9d16395e46f200462e
5dc1a7809270d6c42d08c2f37629cc6ae11a41b4
ed70a5bfc6071765e0c556935ce2ab26cc6778c6ed665e72a472feab3d3024d1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/solution-icon2.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/rlkkKBqikiRlnSrppoRljSjprkilRliSjlomkrRljSjrrlrkiqkokqRriSrqpmrrnorrrrSRjl.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:58 GMT
Content-Type: image/png
Content-Length: 5908
Last-Modified: Fri, 12 Apr 2024 07:09:10 GMT
Connection: keep-alive
ETag: "6618de16-1714"
Expires: Sun, 26 May 2024 06:31:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/image/solution-icon.png
38.177.159.139 200 OK 5.4 kB URL GET HTTP/1.1 wxtdjs.com/static/image/solution-icon.png
IP 38.177.159.139:80
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hash 991be7ac6196ffd65b5c152f6f41d30e
2bc0d006700376cefecfe1c50d74cd985d739977
acb11ddca90fe0284dece92817727ff0199000aa9416a869edc3b45e82153a86
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/solution-icon.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/rlkkKBqikiRlnSrppoRljSjprkilRliSjlomkrRljSjrrlrkiqkokqRriSrqpmrrnorrrrSRjl.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:58 GMT
Content-Type: image/png
Content-Length: 5390
Last-Modified: Fri, 12 Apr 2024 07:09:10 GMT
Connection: keep-alive
ETag: "6618de16-150e"
Expires: Sun, 26 May 2024 06:31:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/index/popup
20.2.31.84 200 OK 13 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/index/popup
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
Hash 0da42b9f169da2281b72bf03ef5aaacc
9893cbc546557625805ffcbe7fce132fccd3f6e5
de5f7be182beeab32a32f154f3ab1a1675002a643d0fdff0d9069e09fb871f58
GET /api/v1/index/popup HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
x-country: NO
x-cache: BYPASS@whopperm3000000
content-encoding: br
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/bank.png
20.2.31.84 200 OK 99 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/bank.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 2400 x 348, 8-bit colormap, non-interlaced
Hash 678ffa290057daf08b6e67eb5b3d2a7d
b50bbd19bfea68f6e30a5f2d20c03324c67d3815
764658a9210b17a77a0f68f40321070a6e44aca7dfd430fc7e38c5f502d49e3f
GET /fuhua/static/bank.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 99128
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-18338"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pagesD-navPage-index.6141f622.js
20.2.31.84 200 OK 48 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pagesD-navPage-index.6141f622.js
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash ed2fa18a53d8fe4e45644bec7db15d96
97db32f60f3ac3d0596b625b45df6746a021ec51
fd78824053af1e145147b1bb1ae45c1c24574ad1563abf116218cc57fce00764
GET /fuhua/static/js/pagesD-navPage-index.6141f622.js HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: application/javascript
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
vary: Accept-Encoding
etag: W/"65f6a11a-16268"
cache-control: max-age=43200
content-encoding: gzip
x-country: NO
x-cache: HIT@whopperm3000000
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/slider-verify/4.jpg
20.2.31.84 200 OK 84 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/slider-verify/4.jpg
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x1080, components 3
Hash da8c026b86c8bbc8aa7743f909d29056
6a41ef1fb8a3d04a43a8fe8884d3fc6c2be47fe9
bd622d07fc554551149c2041ba9462e115e20633970a898d14e91e7e4a291611
GET /fuhua/static/images/slider-verify/4.jpg HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/jpeg
content-length: 83906
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-147c2"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
wxtdjs.com/static/picture/transparent.png
38.177.159.139 200 OK 151 B URL GET HTTP/1.1 wxtdjs.com/static/picture/transparent.png
IP 38.177.159.139:80
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced
Hash 94f37bb5acccc2fa8cd904a4e99387ad
ea80de9020515b4f5301ddb86fd3e69b942359d2
e17a424c9ad622bfc35e23bdf5a3a38c7ee66a9da89d3526cbed58f56cbe2835
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/transparent.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:58 GMT
Content-Type: image/png
Content-Length: 151
Last-Modified: Fri, 12 Apr 2024 07:08:42 GMT
Connection: keep-alive
ETag: "6618ddfa-97"
Expires: Sun, 26 May 2024 06:31:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/js/style04.js
38.177.159.139 200 OK 2.1 kB URL GET HTTP/1.1 wxtdjs.com/static/js/style04.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text
Hash ba3e415f7af120908483283b45eaded0
96edc9ae6b648dae0840a3de81a0e97dca125d13
3673d333b9c7aad72866a7acb8323cd023890139ad30d3dc03dd4519cd8c5146
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/style04.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:58 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-2401"
Expires: Fri, 26 Apr 2024 18:31:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/chunk-vendors.c517940e.js
20.2.31.84 200 OK 359 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/chunk-vendors.c517940e.js
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65175), with no line terminators
Size 359 kB (359422 bytes)
Hash b6c471d08aaa22b8652fabb969121094
f4b700805c6117662699b838d0b158e6ef97d1e2
d20ff0c2286838924043f73a7520562538be18bb512285de560a3636d618d3f0
GET /fuhua/static/js/chunk-vendors.c517940e.js HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:07 GMT
content-type: application/javascript
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
vary: Accept-Encoding
etag: W/"65f6a11a-e8128"
cache-control: max-age=43200
content-encoding: gzip
x-country: NO
x-cache: HIT@whopperm3000000
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240318/0b8d04e415a3902352d4629e3eff816e.png
20.2.31.84 200 OK 326 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240318/0b8d04e415a3902352d4629e3eff816e.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 1920 x 323, 8-bit/color RGB, non-interlaced
Size 326 kB (326117 bytes)
Hash 84947e9dc85028ab4766e2cc3eaf9f3e
dbbd375495a9016892f8b9555ae35897937d91a0
e630aafb691437845c740c061cd781aa35d132afdfe008cbc6098a3d7625c885
GET /upload/20240318/0b8d04e415a3902352d4629e3eff816e.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 326117
last-modified: Mon, 18 Mar 2024 07:11:35 GMT
etag: "4f9e5-613ea116e0203"
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
pmbdhtd.com.shduendg.tuaingde.xyz:3443/wss
20.2.31.84 0 B URL pmbdhtd.com.shduendg.tuaingde.xyz:3443/wss
IP 20.2.31.84:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wss HTTP/1.1
Host: pmbdhtd.com.shduendg.tuaingde.xyz:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://adhahd13.com.adak1.com.sdlak983.top:3443
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3q8fd4sFdmlMYefvwXpccA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: FS/392.27.10
Date: Fri, 26 Apr 2024 06:30:11 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Version: 13
Sec-WebSocket-Accept: DIltTXAz5f3vFTPgmMfxgGXKFnY=
wxtdjs.com/static/picture/1-4-3-legs.jpg
38.177.159.139 200 OK 1.9 MB URL GET HTTP/1.1 wxtdjs.com/static/picture/1-4-3-legs.jpg
IP 38.177.159.139:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 4096x4096, components 3
Size 1.9 MB (1906181 bytes)
Hash 7d887b6d73662dfdc27768fc0dd6864a
2fc7372721297d8c811bf617f978fc779cef6621
8d86dffd5454b4c0de29c7c29ea78bc2e9384d91a72f39568e994d62bff41acc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/1-4-3-legs.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: image/jpeg
Content-Length: 1906181
Last-Modified: Fri, 12 Apr 2024 06:47:16 GMT
Connection: keep-alive
ETag: "6618d8f4-1d1605"
Expires: Sun, 26 May 2024 06:31:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/stock/market
20.2.31.84 200 OK 587 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/stock/market
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
Size 587 kB (586603 bytes)
Hash 23cf10d5036fffd3de631cd3edbf1666
2372c314875c4d6b6e6af72ec26d608ac1cc6b81
4f797829ce7e45ad0d4328c24421294e8dd7f835e1cdf7cf0644b78103008885
GET /api/v1/stock/market HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
x-country: NO
x-cache: BYPASS@whopperm3000000
content-encoding: br
X-Firefox-Spdy: h2
puntesaing.com.fueadei.auedtisbt.com/upload/20240320/55f22e3ea5ac42f3981f90cc13ede5a7.png
20.2.31.84 200 OK 26 kB URL GET HTTP/2 puntesaing.com.fueadei.auedtisbt.com/upload/20240320/55f22e3ea5ac42f3981f90cc13ede5a7.png
IP 20.2.31.84:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject puntesaing.com.fueadei.auedtisbt.com
Fingerprint 76:67:59:C7:23:8B:36:5C:A1:5F:79:46:A9:6D:26:C0:31:1A:FF:DC
Validity Wed, 13 Mar 2024 00:00:00 GMT - Tue, 11 Jun 2024 23:59:59 GMT
File type PNG image data, 1200 x 380, 8-bit/color RGBA, non-interlaced
Hash f05fed281007e43efa9a8572c526de2f
dc0f4c41e4e0eea0789eaee9dfe5b025e252bc74
905d38f6f4c888436d0503ec24089431b5513b01bff4a508ed4077b10166dd08
GET /upload/20240320/55f22e3ea5ac42f3981f90cc13ede5a7.png HTTP/1.1
Host: puntesaing.com.fueadei.auedtisbt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:11 GMT
content-type: image/png
content-length: 26212
last-modified: Wed, 20 Mar 2024 13:48:16 GMT
etag: "6664-61417d7c1aca8"
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240318/139350dc8f94c414d41d6210d2b89f2f.png
20.2.31.84 200 OK 466 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240318/139350dc8f94c414d41d6210d2b89f2f.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 1920 x 323, 8-bit/color RGB, non-interlaced
Size 466 kB (466500 bytes)
Hash 428f4de6ee27e465273b6e31ee4533ac
cbc5441d3096bb3303cf5c66bccee884f9b55a97
1a64f8be541debada8e17d1013359a4e5f465f337f991dbf98f8a8e9fbd83b74
GET /upload/20240318/139350dc8f94c414d41d6210d2b89f2f.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:11 GMT
content-type: image/png
content-length: 466500
last-modified: Mon, 18 Mar 2024 07:12:03 GMT
etag: "71e44-613ea1313c20d"
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240318/135eebb3abaacee96d9f642de5675ee7.png
20.2.31.84 200 OK 517 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240318/135eebb3abaacee96d9f642de5675ee7.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 1920 x 323, 8-bit/color RGBA, non-interlaced
Size 517 kB (517168 bytes)
Hash 4e0e3da683faf76e73913238c6e8da83
51ce268a4bbb56f39942a1805903f98d5e547c00
dd18e67d0b30528d535c8054a93f27351db74fc013efe45f98ac1ed20f3a8555
GET /upload/20240318/135eebb3abaacee96d9f642de5675ee7.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:11 GMT
content-type: image/png
content-length: 517168
last-modified: Mon, 18 Mar 2024 07:12:59 GMT
etag: "7e430-613ea166721bc"
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240318/9c5f177b6bd32a2d1d5323d581aa6e31.png
20.2.31.84 200 OK 607 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240318/9c5f177b6bd32a2d1d5323d581aa6e31.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 1920 x 323, 8-bit/color RGBA, non-interlaced
Size 607 kB (607024 bytes)
Hash 7b44600e0222d75aac6e581ba0f592f0
165ff4f35ae1fb29481249ed147a8c6227d578a4
cf783c71aaaae22977bbbaa50a7219fd538b2ac2f37d871e82fa0bc77f274664
GET /upload/20240318/9c5f177b6bd32a2d1d5323d581aa6e31.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:11 GMT
content-type: image/png
content-length: 607024
last-modified: Mon, 18 Mar 2024 07:12:33 GMT
etag: "94330-613ea14dac5a7"
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
wxtdjs.com/static/picture/1-4-glass-desks.jpg
38.177.159.139 200 OK 1.3 MB URL GET HTTP/1.1 wxtdjs.com/static/picture/1-4-glass-desks.jpg
IP 38.177.159.139:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 3096x3096, components 3
Size 1.3 MB (1274506 bytes)
Hash d3a959e2f2aa37ffc9a2bc9294f8b659
31405df45c2ec351a466adf5eaed11ad5d8106a0
917370bff74dac60f8b4b99fef1327d5e1f5460081d7e8e6da7400bf139dd2b4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/1-4-glass-desks.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:58 GMT
Content-Type: image/jpeg
Content-Length: 1274506
Last-Modified: Fri, 12 Apr 2024 07:07:46 GMT
Connection: keep-alive
ETag: "6618ddc2-13728a"
Expires: Sun, 26 May 2024 06:31:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/css/mailCollection.css
38.177.159.139 200 OK 771 B URL GET HTTP/1.1 wxtdjs.com/static/css/mailCollection.css
IP 38.177.159.139:80
Hash f9bb87e009beb39d5c2666f4aa9ade30
928489d628720b4881f86d1fba36e1e8e5f303a6
7786a3484416a9982ec4841c245826e8aaeee3b7b4cbe913e2908c3925e29a16
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/mailCollection.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:59 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-ec4"
Expires: Fri, 26 Apr 2024 18:31:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/animate.css
38.177.159.139 200 OK 4.8 kB URL GET HTTP/1.1 wxtdjs.com/static/css/animate.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (327)
Hash e98335d837c96cd8fd67d255d8e6ca2e
6b3c466589128728a81ac2a3831f3c37e8ed49f3
0dd64707e08cfed7f86933d7524ec3388058d2f302523e946a55218932bc05cc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/animate.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:59 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df58-d668"
Expires: Fri, 26 Apr 2024 18:31:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/jquery.lazyload.js
38.177.159.139 200 OK 1.4 kB URL GET HTTP/1.1 wxtdjs.com/static/js/jquery.lazyload.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text
Hash cd3fe2c4bc559dfe217846b5d13d6b5a
b022c9f9009bdb7ffe08c457822acaa79818c8a7
375ea037bd71d9a087a50ae92cdba0c82271c80d62a963ef7162e43920a5fbec
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/jquery.lazyload.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:59 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-df1"
Expires: Fri, 26 Apr 2024 18:31:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1687702556&si=eac8a84d72c2134d3f29b3c132a09aed&su=http%3A%2F%2Fwxtdjs.com%2F&v=1.3.0&lv=1&sn=45086&r=0&ww=1280&u=https%3A%2F%2Fadhahd13.com.adak1.com.sdlak983.top%3A3443%2Ffuhua%2F%23%2FpagesD%2FnavPage%2Findex&tt=%E9%A6%96%E9%A1%B5
183.240.98.228 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1687702556&si=eac8a84d72c2134d3f29b3c132a09aed&su=http%3A%2F%2Fwxtdjs.com%2F&v=1.3.0&lv=1&sn=45086&r=0&ww=1280&u=https%3A%2F%2Fadhahd13.com.adak1.com.sdlak983.top%3A3443%2Ffuhua%2F%23%2FpagesD%2FnavPage%2Findex&tt=%E9%A6%96%E9%A1%B5
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1687702556&si=eac8a84d72c2134d3f29b3c132a09aed&su=http%3A%2F%2Fwxtdjs.com%2F&v=1.3.0&lv=1&sn=45086&r=0&ww=1280&u=https%3A%2F%2Fadhahd13.com.adak1.com.sdlak983.top%3A3443%2Ffuhua%2F%23%2FpagesD%2FnavPage%2Findex&tt=%E9%A6%96%E9%A1%B5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 26 Apr 2024 06:30:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7141ADDB736951C8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
wxtdjs.com/static/picture/1-4-4-legs.jpg
38.177.159.139 200 OK 3.2 MB URL GET HTTP/1.1 wxtdjs.com/static/picture/1-4-4-legs.jpg
IP 38.177.159.139:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 4096x4096, components 3
Size 3.2 MB (3186521 bytes)
Hash 1e59ea9307a25da387d7e9ef695f558f
5303dc5b68c869364f71f1686d9bef08d0fa6a65
3cd346b9f3bdaadaea393fdeb3a816ade1846911100f5f586c0fffaa620fdf4d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/1-4-4-legs.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:55 GMT
Content-Type: image/jpeg
Content-Length: 3186521
Last-Modified: Fri, 12 Apr 2024 07:00:46 GMT
Connection: keep-alive
ETag: "6618dc1e-309f59"
Expires: Sun, 26 May 2024 06:31:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/image/home-service-bg-pc.jpg
38.177.159.139 200 OK 117 kB URL GET HTTP/1.1 wxtdjs.com/static/image/home-service-bg-pc.jpg
IP 38.177.159.139:80
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Windows), datetime=2023:05:19 15:26:09], baseline, precision 8, 1920x1000, components 3
Size 117 kB (117355 bytes)
Hash c8dc8878c390db3f773b3b96c1478f0f
0d8ffcedc2007e5edc483f60564efe0428d8889c
b9275c74ce58e84ebf28459794d38296f611eb97d144592e84b6defaff4ad57d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/home-service-bg-pc.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/rlkkKBqikiRlnSrppoRljSjprkilRliSjlomkrRljSjrrlrkiqkokqRriSrqpmrrnorrrrSRjl.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:59 GMT
Content-Type: image/jpeg
Content-Length: 117355
Last-Modified: Fri, 12 Apr 2024 07:09:10 GMT
Connection: keep-alive
ETag: "6618de16-1ca6b"
Expires: Sun, 26 May 2024 06:31:59 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/css/public.css
38.177.159.139 200 OK 567 B URL GET HTTP/1.1 wxtdjs.com/static/css/public.css
IP 38.177.159.139:80
Hash 9737ae8d65eae6616637e5f54e3c7105
2851803dda647c00a8fdfb256165162c7703a8eb
a2620ca958988be081dadbcb7c8759e15232d83080f97a371c7db78714618056
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/public.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:00 GMT
Content-Type: text/css
Content-Length: 567
Last-Modified: Fri, 12 Apr 2024 07:14:28 GMT
Connection: keep-alive
ETag: "6618df54-237"
Expires: Fri, 26 Apr 2024 18:32:00 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/css/picture.description.css
38.177.159.139 200 OK 1.0 kB URL GET HTTP/1.1 wxtdjs.com/static/css/picture.description.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (428)
Hash 2e9a367bfc914ace0f149fe67d69a217
d574c4045061d2dbb8f5b765ae28b30e780031ea
1d78e0dfa8da0d879a26ccd597f9424246e74ab9d0c4dca09b3c4428bb75b278
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/picture.description.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:00 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df54-1632"
Expires: Fri, 26 Apr 2024 18:32:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/index/base?type=2
20.2.31.84 200 OK 8.1 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/index/base?type=2
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
Hash 22a65231ca608a6b90373b5abd836543
21f4a5c5582f983861a069aa0e85b65a4eb76191
12336481bffb1c894e93eae78417bf174b7e4f36e5f53926c96f1ce23f4fc3be
GET /api/v1/index/base?type=2 HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
x-country: NO
x-cache: BYPASS@whopperm3000000
content-encoding: br
X-Firefox-Spdy: h2
wxtdjs.com/static/css/iconSize24.css
38.177.159.139 200 OK 3.2 kB URL GET HTTP/1.1 wxtdjs.com/static/css/iconSize24.css
IP 38.177.159.139:80
Hash dbb009c5845e9059fc83caf4614af280
b803536f0b4fd8aa0e268fe99241d71ee9b74c5f
5e05b7e08de55ebdfae7058a0e159b7caed19c6e6430bf45ed14efbf7a61fd8c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/iconSize24.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:00 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-920a"
Expires: Fri, 26 Apr 2024 18:32:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/tooltipster.css
38.177.159.139 200 OK 1.2 kB URL GET HTTP/1.1 wxtdjs.com/static/css/tooltipster.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (584)
Hash 3261505a1c2da142f2f3c85ee3230c03
363f8d0cb5437ec2e3568466fb0fd6fa6bbbfb13
da2caa358c43f6fc6cd7d285a6e06b9518eec3b8fb54335f783c6dbbb442e99c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/tooltipster.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:00 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-1b30"
Expires: Fri, 26 Apr 2024 18:32:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/graphic.css
38.177.159.139 200 OK 803 B URL GET HTTP/1.1 wxtdjs.com/static/css/graphic.css
IP 38.177.159.139:80
Hash 2170e03b806e6cd7df1e8d617cdbcf9f
09028585dec4df5a9748806ee084ab50e1947d4f
1b451da1be2e0a5c91824f1b41bc9186f7684be970475a01c112d1b47afd47a7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/graphic.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:00 GMT
Content-Type: text/css
Content-Length: 803
Last-Modified: Fri, 12 Apr 2024 07:14:28 GMT
Connection: keep-alive
ETag: "6618df54-323"
Expires: Fri, 26 Apr 2024 18:32:00 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/js/comp.logo.settings.js
38.177.159.139 200 OK 1.9 kB URL GET HTTP/1.1 wxtdjs.com/static/js/comp.logo.settings.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text
Hash e4d4c9bd200d71a6668c6adea0f45e61
28615caee7512df9c336a2d45bfbc2fbfef62dee
b42b123c86d9160a44e5b2a1627eefabd1eb9d813897fedb32ea76dd012067bd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/comp.logo.settings.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:00 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-13f4"
Expires: Fri, 26 Apr 2024 18:32:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/public1.css
38.177.159.139 200 OK 3.0 kB URL GET HTTP/1.1 wxtdjs.com/static/css/public1.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (697)
Hash 9b9be56b15fb09f150c29c413d9b2355
fb1d0d0f10c4402af78f43732101fc22b200abc7
61b24b109d06f47b8d440c8dec64beeaef31566d1c26162664c293cd9a19b51b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/public1.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-21e7"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/public2.css
38.177.159.139 200 OK 501 B URL GET HTTP/1.1 wxtdjs.com/static/css/public2.css
IP 38.177.159.139:80
Hash 84a4fc861a805d05d38897983ad899e4
c57f5f9bb6670f1270ef68f940bb37c7622507ea
e5157d08e6e40c18622efbe6133d91789c0706c53d888956033e64af32f7af47
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/public2.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-570"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/float.css
38.177.159.139 200 OK 6.6 kB URL GET HTTP/1.1 wxtdjs.com/static/css/float.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (8148)
Hash efe6648a2274a38e2464d1ce3e289e7d
357dbd4fec1fc5e53ca834f8a4becc41a65ca0e0
b0f20ffacc88869382d4d597ede1b1766f09df34f8442c57a3f26560316e2ff9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/float.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-2b7f"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/style115.css
38.177.159.139 200 OK 2.0 kB URL GET HTTP/1.1 wxtdjs.com/static/css/style115.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (359)
Hash MD5 658ff62436356690f3db60ee49b31344
SHA-1 f66664f8d00266bc18b9a1a95c4d5786471ae768
SHA-256 926627d798eb9e8a23bf4a839ce6e88870ecc9197de7b174a03e2feeb8f870c1
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/css/style115.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-31fb"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/jquery.smartmenusUpdate.js
38.177.159.139 200 OK 8.9 kB URL GET HTTP/1.1 wxtdjs.com/static/js/jquery.smartmenusUpdate.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (633)
Hash MD5 7be4ea2525ac52ae9486e479aa928a67
SHA-1 44cbe8ce35450bb2c5937c0ec788cb3d67e24967
SHA-256 9c682ae04d43ed8b57e737307bd668628112187fca1b0d7947d13f3f4aab2ba6
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/js/jquery.smartmenusUpdate.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-70c0"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/picture/1-4-FQ06-workspace-baise.jpg
38.177.159.139 200 OK 962 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/1-4-FQ06-workspace-baise.jpg
IP 38.177.159.139:80
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1500x1500, components 3
Size 962 kB (962052 bytes)
Hash MD5 ad5eb0657860e2803251902bd183630e
SHA-1 3653d9773427c1a55b7bf9c6ee6031a5e745219f
SHA-256 799c7f42b9a5c0413f89ed02dce2929475756a5ff6278d108155de519c2058f8
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/picture/1-4-FQ06-workspace-baise.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:58 GMT
Content-Type: image/jpeg
Content-Length: 962052
Last-Modified: Fri, 12 Apr 2024 07:08:08 GMT
Connection: keep-alive
ETag: "6618ddd8-eae04"
Expires: Sun, 26 May 2024 06:31:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/css/form.css
38.177.159.139 200 OK 6.3 kB URL GET HTTP/1.1 wxtdjs.com/static/css/form.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (761)
Hash MD5 626cd7f1ccfeaf248ae8efcaed307953
SHA-1 e6b36cd712b7e4734336735b4e2ba8544715a152
SHA-256 e9d8dc83024de9c72856e9966f6543a245f1ebe1c95370b5e15ada0594aba1f0
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/css/form.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-834b"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/datepicker.css
38.177.159.139 200 OK 2.8 kB URL GET HTTP/1.1 wxtdjs.com/static/css/datepicker.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (471)
Hash MD5 ed1a80360f0bec05aaed18680d0980ec
SHA-1 6b039a9183a0b830746619b9de0ef3c4ce267720
SHA-256 26709b2d2657aa08828464910f6f120e114bcaaf14045eec4733949628388c3a
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/css/datepicker.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-40a1"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/inquire.css
38.177.159.139 200 OK 2.7 kB URL GET HTTP/1.1 wxtdjs.com/static/css/inquire.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (1565)
Hash MD5 3e70ef224046a841794b4e901b568eee
SHA-1 7c7a6b4083ea62c19671d65cf33739765788a92d
SHA-256 3f5b5227405dbadaab9b0711f8ef0fc9840a41b944ee4e5615d8ac7aeea24990
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/css/inquire.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-255d"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/company/typeList
20.2.31.84 200 OK 3.5 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/company/typeList
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
Hash MD5 c77d4cb280dfd83bc9f00f7bb4848c68
SHA-1 e85d3903ad5438b1bd9a2ff93b2c4a8cf5a9b85a
SHA-256 2b08f01e701b7c52799936cbe2daf77ab1081ef29ce43af9ba33684c2eb461c3
GET /api/v1/company/typeList HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
x-country: NO
x-cache: BYPASS@whopperm3000000
content-encoding: br
X-Firefox-Spdy: h2
wxtdjs.com/static/js/comp.navigation_style.settings.js
38.177.159.139 200 OK 3.3 kB URL GET HTTP/1.1 wxtdjs.com/static/js/comp.navigation_style.settings.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (306)
Hash MD5 8228bb5ddc4b77bc8b93539e600514a4
SHA-1 ca1d902da5a1bd32b005a5897adbb6f6272e35f8
SHA-256 ff14ffc23e5db1f4a692f9f0a0a4260b1597b275b5f32ee63588754247b736c2
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/js/comp.navigation_style.settings.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618dfa0-2ee2"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/picture/standing-desk1.jpg
38.177.159.139 200 OK 131 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/standing-desk1.jpg
IP 38.177.159.139:80
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x800, components 3
Size 131 kB (130662 bytes)
Hash MD5 72f2186268e6906e8a9dc8d7dc42ceab
SHA-1 c6a8fc583d91da5e3799786881344981bfc02ec0
SHA-256 2bbb3f60f2f2264489be6227d6b2b53c9e92339383ddc99d8be140bb8ebc33e2
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/picture/standing-desk1.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:02 GMT
Content-Type: image/jpeg
Content-Length: 130662
Last-Modified: Fri, 12 Apr 2024 06:49:00 GMT
Connection: keep-alive
ETag: "6618d95c-1fe66"
Expires: Sun, 26 May 2024 06:32:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/standing-desk.jpg
38.177.159.139 200 OK 277 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/standing-desk.jpg
IP 38.177.159.139:80
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x800, components 3
Size 277 kB (276897 bytes)
Hash MD5 235bd5ed378068aadb400021147496b3
SHA-1 6b5cd6691898a51305b406abf1263e5b73293da9
SHA-256 d4f09becbe3aea15582719333a756f768e46ba03090f2d0527b7462879d7ac9d
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/picture/standing-desk.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:02 GMT
Content-Type: image/jpeg
Content-Length: 276897
Last-Modified: Fri, 12 Apr 2024 06:49:00 GMT
Connection: keep-alive
ETag: "6618d95c-439a1"
Expires: Sun, 26 May 2024 06:32:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/standing-desk2.jpg
38.177.159.139 200 OK 196 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/standing-desk2.jpg
IP 38.177.159.139:80
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x800, components 3
Size 196 kB (195940 bytes)
Hash MD5 1e23cf2cd385cb6d435f33da97a988cc
SHA-1 3ddba27e01b27737e26606de116488be53f18a82
SHA-256 f33e071eeccd6512d8a9fa008a02545b2f7b014f14886ba1999d4601f3eb0471
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/picture/standing-desk2.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:02 GMT
Content-Type: image/jpeg
Content-Length: 195940
Last-Modified: Fri, 12 Apr 2024 06:49:02 GMT
Connection: keep-alive
ETag: "6618d95e-2fd64"
Expires: Sun, 26 May 2024 06:32:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/logo-60-60.png
38.177.159.139 200 OK 5.9 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/logo-60-60.png
IP 38.177.159.139:80
Hash MD5 9c9b2f633c6c1670a95c17b9a858eac7
SHA-1 5cb8b0bb98d4e28a6f03f163db17bb20e0fa2656
SHA-256 407508241a0c7dc4ca99987f78b34d226da3fdaa57f2c1114ba63b221e4e488b
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/picture/logo-60-60.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:02 GMT
Content-Type: image/png
Content-Length: 5937
Last-Modified: Fri, 12 Apr 2024 06:24:40 GMT
Connection: keep-alive
ETag: "6618d3a8-1731"
Expires: Sun, 26 May 2024 06:32:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/js/comp.langBar.settings.js
38.177.159.139 200 OK 852 B URL GET HTTP/1.1 wxtdjs.com/static/js/comp.langBar.settings.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text
Hash MD5 7eb282fced87c594e670af568f607d90
SHA-1 d92d3d3e29f17212c4391469881932c37f09ca99
SHA-256 ec0114d8d9de6ee0602a4f462ea0941036ff098e520343181734b52f240b128d
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/js/comp.langBar.settings.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-cbe"
Expires: Fri, 26 Apr 2024 18:32:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pages-index-contract~pages-index-index~pages-index-my~pagesB-function-appDown~pagesB-function-yingBa~b2d4a56c.50895358.js
20.2.31.84 200 OK 9.8 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pages-index-contract~pages-index-index~pages-index-my~pagesB-function-appDown~pagesB-function-yingBa~b2d4a56c.50895358.js
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash MD5 cabb8f2805799069fd9917fe54fb2612
SHA-1 e04b98c54fdea4355d751412ba1e8827e28a8265
SHA-256 b93668d45ac064788a12fa4f0f823bfe2e75f25ce0169027e86b23e561238895
GET /fuhua/static/js/pages-index-contract~pages-index-index~pages-index-my~pagesB-function-appDown~pagesB-function-yingBa~b2d4a56c.50895358.js HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: application/javascript
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
vary: Accept-Encoding
etag: W/"65f6a11a-9c3e"
cache-control: max-age=43200
content-encoding: gzip
x-country: NO
x-cache: HIT@whopperm3000000
X-Firefox-Spdy: h2
cdn.dcloud.net.cn/img/shadow-grey.png
111.231.169.247 200 OK 136 B URL GET HTTP/1.1 cdn.dcloud.net.cn/img/shadow-grey.png
IP 111.231.169.247:443
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer Unizeto Technologies S.A.
Subject *.dcloud.net.cn
Fingerprint AE:46:5C:A4:9B:D3:F7:AC:7D:5E:C7:27:E1:5F:C3:7C:DA:CE:F2:AC
Validity Sat, 05 Aug 2023 03:00:05 GMT - Tue, 03 Sep 2024 03:00:04 GMT
File type PNG image data, 1 x 6, 4-bit colormap, non-interlaced
Hash MD5 5a962adf74d92ae702467b3f47976547
SHA-1 36f74049375584e3fa69b5ef87e9572336ff9e7a
SHA-256 ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
GET /img/shadow-grey.png HTTP/1.1
Host: cdn.dcloud.net.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:30:14 GMT
Content-Type: image/png
Content-Length: 136
Last-Modified: Thu, 06 Jun 2019 06:42:07 GMT
Connection: close
ETag: "5cf8b5bf-88"
Expires: Fri, 26 Apr 2024 08:30:14 GMT
Cache-Control: max-age=7200
Set-Cookie: __uni__uid=rBEQUmYrSfZizgxobRGoAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none
Accept-Ranges: bytes
wxtdjs.com/static/js/layerslider.transitions.js
38.177.159.139 200 OK 4.1 kB URL GET HTTP/1.1 wxtdjs.com/static/js/layerslider.transitions.js
IP 38.177.159.139:80
File type ASCII text, with very long lines (50065), with no line terminators
Hash MD5 83b7aab87b460ece447f418c14bee3cd
SHA-1 854a81e9e4f2b311d47a58c1d433f957f7e84b16
SHA-256 f07caca9a5abb22e752f7fb38fb3f5152d263a3c4b527af6368bd0e757f75900
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/js/layerslider.transitions.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-c391"
Expires: Fri, 26 Apr 2024 18:32:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pages-index-loadAnimation.33739504.js
20.2.31.84 200 OK 12 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pages-index-loadAnimation.33739504.js
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash MD5 9efe2b6a0a1f41b17cf8cc2a67ea6df0
SHA-1 f4fa13ebf6717a770173bd5e90707ff5d151868e
SHA-256 87137012c868667ce5b01bf2addc6f9f4d15594a4328a1df9d658fefe604c111
GET /fuhua/static/js/pages-index-loadAnimation.33739504.js HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: application/javascript
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
vary: Accept-Encoding
etag: W/"65f6a11a-1516"
cache-control: max-age=43200
content-encoding: gzip
x-country: NO
x-cache: HIT@whopperm3000000
X-Firefox-Spdy: h2
wxtdjs.com/static/picture/standing-desk3.jpg
38.177.159.139 200 OK 203 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/standing-desk3.jpg
IP 38.177.159.139:80
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x800, components 3
Size 203 kB (203298 bytes)
Hash MD5 d1293cf43da5c51f7470f4198bd9be42
SHA-1 5c01d717380f59662ce8b725476cc450807da681
SHA-256 b6bddb7fc9365ffc1915ed45bf365ac509f88dc00dc19667130f429fc1ea6e2e
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/picture/standing-desk3.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:02 GMT
Content-Type: image/jpeg
Content-Length: 203298
Last-Modified: Fri, 12 Apr 2024 06:49:02 GMT
Connection: keep-alive
ETag: "6618d95e-31a22"
Expires: Sun, 26 May 2024 06:32:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/js/layerslider.kreaturamedia.jquery.js
38.177.159.139 200 OK 24 kB URL GET HTTP/1.1 wxtdjs.com/static/js/layerslider.kreaturamedia.jquery.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (505)
Hash MD5 e79ef89ef5708ff8beb8eaca0f42e8ed
SHA-1 59b83fb42fc3dadaa13ab9e43acfb76c16a6423e
SHA-256 9f8542f58b508abee0017551f8656667f3556f62495fa84643d45ef67219216f
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/js/layerslider.kreaturamedia.jquery.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-157d2"
Expires: Fri, 26 Apr 2024 18:32:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
iprorwxhpnorlp5p-static.micyjz.com/cloud/lqBpiKiqlkSRmjqkklrjjo/favicon.ico
54.230.111.5 400 Bad Request 17 B URL GET HTTP/2 iprorwxhpnorlp5p-static.micyjz.com/cloud/lqBpiKiqlkSRmjqkklrjjo/favicon.ico
IP 54.230.111.5:443
Certificate Issuer Amazon
Subject *.micyjz.com
Fingerprint 8A:2C:0B:19:FF:2D:64:AD:43:9A:DC:DC:63:87:5F:0A:70:4F:D9:13
Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 15 Apr 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5 b40763e88ea86a818f98a4926dbd9fd3
SHA-1 8fc9e0ba943aaa82f1c78ba44d1f0d798c6316fd
SHA-256 c82e9ac54802065d1b3d669e7edf95d21b0f010a2073e59e23cf0167ce2a0200
GET /cloud/lqBpiKiqlkSRmjqkklrjjo/favicon.ico HTTP/1.1
Host: iprorwxhpnorlp5p-static.micyjz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
content-length: 17
date: Fri, 26 Apr 2024 06:30:15 GMT
x-powered-by: Express
cache-control: max-age=90
etag: W/"11-j8ngupQ6qoLxx4ukTR8NeYxjFv0"
x-cache: Error from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ggFfe2-hKaouqnTxzAgjZ2_Z7rvHJCZfkxg_uPN4LBfKJyoKmZc-5g==
X-Firefox-Spdy: h2
wxtdjs.com/static/picture/hutaomu.jpg
38.177.159.139 200 OK 9.4 MB URL GET HTTP/1.1 wxtdjs.com/static/picture/hutaomu.jpg
IP 38.177.159.139:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 4096x4096, components 3
Size 9.4 MB (9354863 bytes)
Hash MD5 86f9eecedb4c0bcf966e32a17aae4cc1
SHA-1 deef6477b1658162b0bfe6976d136b4848645e8e
SHA-256 c130eb2f54172c0f4c6f6bd5c9d63e1084f613e81fbcd68fdaa63760354af52e
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/picture/hutaomu.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:58 GMT
Content-Type: image/jpeg
Content-Length: 9354863
Last-Modified: Fri, 12 Apr 2024 07:07:18 GMT
Connection: keep-alive
ETag: "6618dda6-8ebe6f"
Expires: Sun, 26 May 2024 06:31:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/js/greensock.js
38.177.159.139 200 OK 26 kB URL GET HTTP/1.1 wxtdjs.com/static/js/greensock.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (51574)
Hash MD5 5053a975897e6d401cf4160819247f1a
SHA-1 8ca3cf72ef12f0910b96f2ce71f8c6b5d1de1cfc
SHA-256 6c270aa76349efc60f704bd52b4d0eb4d50da57a49fcf9e6efc663e988d0e464
Analyzer Quad9 DNS | Verdict malicious | Alert Sinkholed
GET /static/js/greensock.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-cc50"
Expires: Fri, 26 Apr 2024 18:32:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/typewriter.js
38.177.159.139 200 OK 445 B URL GET HTTP/1.1 wxtdjs.com/static/js/typewriter.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text
Hash e2b4effd45ecdab0851d8201bce665dc
a8e14911634f571ab8b23420bcb0046a1ca5a418
997603f95dc2bfb58dbaec1d6a773f93bfc80b63976e6b94de91528b84369bae
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/typewriter.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:05 GMT
Content-Type: application/javascript
Content-Length: 445
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Connection: keep-alive
ETag: "6618df72-1bd"
Expires: Fri, 26 Apr 2024 18:32:05 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/js/comp.title.settings.js
38.177.159.139 200 OK 488 B URL GET HTTP/1.1 wxtdjs.com/static/js/comp.title.settings.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (345)
Hash 0162ca33a370521810710d2c70ba7be7
6ba9e690397d833e7dbd92fb2af0edd32e7cd0e4
ab280512a17e9c96e11c7b70b7fcd1e361cd1f6a0398b8d8b90fe2bef8ce0613
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/comp.title.settings.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df84-501"
Expires: Fri, 26 Apr 2024 18:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/prodDetail_table.js
38.177.159.139 200 OK 851 B URL GET HTTP/1.1 wxtdjs.com/static/js/prodDetail_table.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text
Hash 75ecd81e3dc634ed0e3e93bb7ae2802d
c9147a71425628e7d6445960acc75dc804edb503
6037923d16ada9cd939bb8151b74e7b2c9fc2ab12f9ffcf5bcc1c8cff432ff6f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/prodDetail_table.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-77e"
Expires: Fri, 26 Apr 2024 18:32:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/sys_config/list
20.2.31.84 200 OK 2.4 kB URL POST HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/sys_config/list
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
Hash 906b007ce343d485749977c49e9a883c
58e04c78deb60e6abefd9988e76e27740fd4c8cf
d47807e91415153cd5ed2fd062f9a77e83f120e5cc7aeea29acbfd16234dca9d
POST /api/v1/sys_config/list HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1009
Origin: https://adhahd13.com.adak1.com.sdlak983.top:3443
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
x-country: NO
x-cache: @whopperm3000000
content-encoding: br
X-Firefox-Spdy: h2
wxtdjs.com/static/js/jquery.share.js
38.177.159.139 200 OK 1.3 kB URL GET HTTP/1.1 wxtdjs.com/static/js/jquery.share.js
IP 38.177.159.139:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (904)
Hash cdd33d5b714af25a1459963447809c36
ac0f917b4dcfae66c202d0bd456dfaef0714e5cc
6306e8e5cefa864c986a81e1f34f69288e5869a2fb895580b71ddf45aa549c6b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/jquery.share.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-bbc"
Expires: Fri, 26 Apr 2024 18:32:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/jquery.tooltipster.js
38.177.159.139 200 OK 5.4 kB URL GET HTTP/1.1 wxtdjs.com/static/js/jquery.tooltipster.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (719)
Hash eb9cecdebfc04edb8a1359afcd337091
64b050f90072e3301ec66473ce70421f4607c773
78bca29ae66a5a4468f6ff4721b9ed20ce89c1178ad33fc8cdea3d693ae37ecd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/jquery.tooltipster.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-4679"
Expires: Fri, 26 Apr 2024 18:32:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/comp.onlineService.settings.js
38.177.159.139 200 OK 1.4 kB URL GET HTTP/1.1 wxtdjs.com/static/js/comp.onlineService.settings.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (309)
Hash 1de3aa71ac594b3c00b1b36d2a891cc0
b40ab7d87f1bc3fe67db132dce5d9ad2c6afa6a4
b7729c4d6f61cbaa15313f2c91ab3702836fa4e611fda7a5229c43366e6d188e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/comp.onlineService.settings.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-1274"
Expires: Fri, 26 Apr 2024 18:32:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/form_script.js
38.177.159.139 200 OK 10 kB URL GET HTTP/1.1 wxtdjs.com/static/js/form_script.js
IP 38.177.159.139:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1322)
Hash e26f4a3bf02bb5a3cbe6a5bc1e233c17
0b5bd28681089bad1c5eb6f6ba246b5248f63d7e
29739e31c425cd75f87d19e9f830c84146e11c5650a6a071241a8c3598346ee4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/form_script.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-b072"
Expires: Fri, 26 Apr 2024 18:32:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/WdatePicker.js
38.177.159.139 200 OK 4.9 kB URL GET HTTP/1.1 wxtdjs.com/static/js/WdatePicker.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (10842), with no line terminators
Hash 9d69fc9eb7a1aa18fbb0ffdd4cd943cc
6af587bcfb2e66f3ea49696487c781d2da2388c8
92ae9dc48becbbaa927164458472c721df2c8c6a344f5fba9550011f17e922f3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/WdatePicker.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-2a5a"
Expires: Fri, 26 Apr 2024 18:32:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/assets/widget/script/plugins/My97DatePicker/skin/WdatePicker.css?_=1714113020477c0b
38.177.159.139 404 Not Found 146 B URL GET HTTP/1.1 wxtdjs.com/static/assets/widget/script/plugins/My97DatePicker/skin/WdatePicker.css?_=1714113020477c0b
IP 38.177.159.139:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/assets/widget/script/plugins/My97DatePicker/skin/WdatePicker.css?_=1714113020477c0b HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 26 Apr 2024 06:32:08 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
wxtdjs.com/static/js/datepicker.js
38.177.159.139 200 OK 12 kB URL GET HTTP/1.1 wxtdjs.com/static/js/datepicker.js
IP 38.177.159.139:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1513)
Hash fa9ad280595f224273967d0990bfa6ed
f230deb1f35afb8b0d23071502fa7153b49091db
18e1da2c322d6d88200db74cd5b322144f6cf726645235b1998245b85ceec094
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/datepicker.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:08 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-91e6"
Expires: Fri, 26 Apr 2024 18:32:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/datepicker.en.js
38.177.159.139 200 OK 521 B URL GET HTTP/1.1 wxtdjs.com/static/js/datepicker.en.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (509)
Hash e6064bf5eeea7e3f21352c14473a3cfb
b8e19402150df85d3ef2ec9137ec3b870017d9ea
5326cfb7e1fa58a08213ea689908d429f45aefdd3699be129498047e9eeed878
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/datepicker.en.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:08 GMT
Content-Type: application/javascript
Content-Length: 521
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Connection: keep-alive
ETag: "6618df9e-209"
Expires: Fri, 26 Apr 2024 18:32:08 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/js/comp.text.settings.js
38.177.159.139 200 OK 469 B URL GET HTTP/1.1 wxtdjs.com/static/js/comp.text.settings.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (311)
Hash fe09e8299272a1ad0a88f080d29ff4d9
dda7468c17d4084527f4e9dd49e7b6b2a22bc081
b9df8468253b3288369423b6bdfb8dc24778c280941d178a054785cc3e52db56
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/comp.text.settings.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-45c"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/video.css
38.177.159.139 200 OK 2.9 kB URL GET HTTP/1.1 wxtdjs.com/static/css/video.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (2340)
Hash b8fbd8ed88123e3e4159956e9691b9ba
e62c4b24867e1f9b41ced82709bdccc6b6b78063
70d644f8d3e5e1b43dc8fe8909f8647494a7057e3835bb1f6fd9b0b1bea46eaa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/video.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-155a"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/button1.css
38.177.159.139 200 OK 550 B URL GET HTTP/1.1 wxtdjs.com/static/css/button1.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (446)
Hash 15206a805798095a4d3bbdea570200ca
ad3e76673ce011db3d35f1cd2b3cc6638711591e
c4b9cb8712021ea25d3ca05d4d20fe2cad3c4d19b738af65e20f3ff9860d5dc8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/button1.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-901"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/colorbox.css
38.177.159.139 200 OK 1.5 kB URL GET HTTP/1.1 wxtdjs.com/static/css/colorbox.css
IP 38.177.159.139:80
Hash df0483fe7a3afe11789c78b22159e710
f68e1755758d5c01ae9a15ef7f52bef48eb9b2cb
612aefe50b76d5ac67922d2e180889cb53e79240b84033eaf688e01a0a9196a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/colorbox.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-13fe"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/videoM3u8.css
38.177.159.139 200 OK 12 kB URL GET HTTP/1.1 wxtdjs.com/static/css/videoM3u8.css
IP 38.177.159.139:80
File type Unicode text, UTF-8 text, with very long lines (5909)
Hash 50be2670f020abe24538bdbec2d19af5
2b8eb012bfaecbf9ff7db321a96ef3a35d42b378
b94a338b4b3079089baaa67f53748e3d3de6a4e82b7512f86692a8488153cc73
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/videoM3u8.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df56-9e01"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/lozad.min.js
38.177.159.139 200 OK 1.3 kB URL GET HTTP/1.1 wxtdjs.com/static/js/lozad.min.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text
Hash 12977d024563af7b92a39fef1f1950eb
2eed21321d3d3333c937d7197b89c09c8bac6933
fa983274a1810b595f7fb9f18da83328e619b746c98b2fc9a621dd22e2913cea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/lozad.min.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-bd1"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/button.js
38.177.159.139 200 OK 544 B URL GET HTTP/1.1 wxtdjs.com/static/js/button.js
IP 38.177.159.139:80
Hash aa93ebc82c64827d8402d2d691411662
c3d1328b99cb2542b27cda21678f2a4d0f7edfac
3aa09676c2c6ea706b6ec6e3df6d20e5f35a36fbaf132a4b1aa167b508010f71
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/button.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: application/javascript
Content-Length: 544
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Connection: keep-alive
ETag: "6618df86-220"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/css/style1.css
38.177.159.139 200 OK 1.1 kB URL GET HTTP/1.1 wxtdjs.com/static/css/style1.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (3774), with no line terminators
Hash e59845e54025eabfcf25d00c36abe0f1
faf007add3cd7f76d58bd14270b0839c10c144de
0ad6b61726e72b6e3ca5b6ca1451124e81a38175fb096e3ccf6b6fd8ef61a819
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/style1.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df36-ebe"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/slick.css
38.177.159.139 200 OK 524 B URL GET HTTP/1.1 wxtdjs.com/static/css/slick.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (1539), with no line terminators
Hash 92425573c02754992b3fc4dc4f317aad
4facc84744951021dc5aa9cb06d6bd9056e57f26
626507dcd895ea607458d82f028ed56679d0a3680eb23c7d1c21776f67382860
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/slick.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df36-603"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/jumpNum.css
38.177.159.139 200 OK 472 B URL GET HTTP/1.1 wxtdjs.com/static/css/jumpNum.css
IP 38.177.159.139:80
Hash 499edf6f284104bb7daf13d7eed414bf
c63c8ebfc28e2e4dfcb5eb244401905b62874aae
e7b511101d9553d1e046b090e0aca7fb1a5e87d76abcc6f25c55fc9ca7264c1f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/jumpNum.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Content-Length: 472
Last-Modified: Fri, 12 Apr 2024 07:14:30 GMT
Connection: keep-alive
ETag: "6618df56-1d8"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/css/touchgraphicslider.css
38.177.159.139 200 OK 8.0 kB URL GET HTTP/1.1 wxtdjs.com/static/css/touchgraphicslider.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (2317)
Hash 27c0958914b6349e64aa57ba517f6be4
f7fc9b8694c25f7cb955f1f825c57b2391e2efaf
c162c5d50fe8b8a6e18a4871868323c61e534069897b09b0007ede1f5d5e7922
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/touchgraphicslider.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-7570"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/slick-theme.css
38.177.159.139 200 OK 1.8 kB URL GET HTTP/1.1 wxtdjs.com/static/css/slick-theme.css
IP 38.177.159.139:80
File type Unicode text, UTF-8 text, with very long lines (566)
Hash a5bcfb0cb4ecf889c007613b8b9f8720
a3b0c4a114b874e7a3c90d726551abd14dc565db
868837274396e751194bbeb31077796fce17bcddca03dfe557a7bd3a11a4e8be
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/slick-theme.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-1bc9"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/slick1.css
38.177.159.139 200 OK 521 B URL GET HTTP/1.1 wxtdjs.com/static/css/slick1.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (313)
Hash aa09d0d4fed2fc4d45496e4a3374d716
64093b7095da7273206f924d479719d5501b1373
9b01a5bdb787a8efb99ecc1395b85fd2a55afab93313ab10c168ac42f76e7f67
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/slick1.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-545"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/swiper.css
38.177.159.139 200 OK 4.8 kB URL GET HTTP/1.1 wxtdjs.com/static/css/swiper.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (2308)
Hash 6294a64b49d60ea44f8153483282735d
0029ebd60b1cc05c2536d9eaf831a24e1c498ae5
c05146c6e6a5349066f13df61f85493f874f81cc83dbd619abb28c5d3697718a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/swiper.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df36-4521"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/swiper.min.css
38.177.159.139 200 OK 3.3 kB URL GET HTTP/1.1 wxtdjs.com/static/css/swiper.min.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (19065), with no line terminators
Hash bca3a59eb837c9962b7c8d3f58b62ae8
265c7dd73c0d7a4e9c403545734aa274a0d01d5a
2ad401fea5d79a777c303b3d67e65a79e2afae4304d6fdc2fc70debdb004c037
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/swiper.min.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df36-4a79"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/index_22864.js
38.177.159.139 200 OK 959 B URL GET HTTP/1.1 wxtdjs.com/static/js/index_22864.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (565)
Hash 5a273036f98c627541c46911abea543b
7132e35af707338124849a726ddcb3da1c90dcc9
60a52e6d59bcffd9c20908433c086a08276241caacaaed90d8cd3e1bb2774224
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/index_22864.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: application/javascript
Content-Length: 959
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Connection: keep-alive
ETag: "6618df72-3bf"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/css/style2.css
38.177.159.139 200 OK 2.2 kB URL GET HTTP/1.1 wxtdjs.com/static/css/style2.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (10214), with no line terminators
Hash b4844b83413e8cabb01d76b6f346c6b4
03cf8d960dd72c550fdcf8bda1fd752f4620153c
b07e5f093ca85e68c8cf2795a5e9bc74c4a9ee5915a639a6fe3ce09583190dc7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/style2.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:13:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df36-27e6"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/jquery.colorbox.js
38.177.159.139 200 OK 5.4 kB URL GET HTTP/1.1 wxtdjs.com/static/js/jquery.colorbox.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (1052)
Hash 268900dfe846fa47ce61a7dc7ecdd557
81bf257666b136d079748566a46c5f69e486913f
d57b00599ba2dff1e9e49f7cde768292786f65fe24071b73e2c1e49232e6fe81
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/jquery.colorbox.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-3453"
Expires: Fri, 26 Apr 2024 18:32:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/style3.css
38.177.159.139 200 OK 918 B URL GET HTTP/1.1 wxtdjs.com/static/css/style3.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (2718), with no line terminators
Hash 26f8f5405734e0032a4d5d21b9b3e392
e21d0940678c43cd497321909d95e9626b2a1185
e281c86d1c0f20bd17ad8a27e94f1bad00b5a8e6f28c81136300610c94c35286
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/style3.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:10 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df52-a9e"
Expires: Fri, 26 Apr 2024 18:32:10 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/block_22864.js
38.177.159.139 200 OK 2.6 kB URL GET HTTP/1.1 wxtdjs.com/static/js/block_22864.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (607)
Hash 1dd4f5f189290bee2de3550643ac2eef
199181f4a40547ff85cd4301e49eee64ddc6c48b
1cc33e21dbd6c69283ef95ed186d4669c12cb3bd3a76e0ca05b21a191cb62f9e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/block_22864.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:10 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-18ae"
Expires: Fri, 26 Apr 2024 18:32:10 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/slick.min.js
38.177.159.139 200 OK 12 kB URL GET HTTP/1.1 wxtdjs.com/static/js/slick.min.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (573)
Hash a78696e103dd73d9cb12d426e630edb4
256dbd32d8d8220dbd08047c70c6781262fbe6f0
52a753ce8bd7fa3f93fdf029f4ce22324c0259855dc47dd4fa26e8530b21ff8d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/slick.min.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:10 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-a811"
Expires: Fri, 26 Apr 2024 18:32:10 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/demo2.js
38.177.159.139 200 OK 2.4 kB URL GET HTTP/1.1 wxtdjs.com/static/js/demo2.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (559)
Hash 16353e133d6597a0b127615562945ed6
d00d4b01377b1b75342a5560deb5182f76e83f6b
542ec8f00df2cf5e333939921c854ea0bc192ec0a5580c805fc1d83671f51cd5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/demo2.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:10 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-44c8"
Expires: Fri, 26 Apr 2024 18:32:10 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/slick.js
38.177.159.139 200 OK 12 kB URL GET HTTP/1.1 wxtdjs.com/static/js/slick.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (606)
Hash 05dac64cbe1e6f11a2aaca38acc22f74
a8cfe8d8e2b699f688dc4910f160de27c0c037e7
e6b596a478f7bb09a0f3dcaabedad867776b5501bf020c5ee39179321fc0278e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/slick.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:11 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-a65b"
Expires: Fri, 26 Apr 2024 18:32:11 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/swiper1.js
38.177.159.139 200 OK 55 kB URL GET HTTP/1.1 wxtdjs.com/static/js/swiper1.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (841), with CRLF line terminators
Hash 4169bcc834717d0b1c53bb7e8c663fc3
4a6bd14c7036d5eafb77bced54039c2826421035
bd5e5076dfe776d58163d513984844559ccfc870296ab10a929c8e438488b706
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/swiper1.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:11 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-38f0b"
Expires: Fri, 26 Apr 2024 18:32:11 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/swiper.min.js
38.177.159.139 200 OK 34 kB URL GET HTTP/1.1 wxtdjs.com/static/js/swiper.min.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (570)
Hash ffbab0fe4420ca3693d4e37902ab62f7
6356d734fda8b5c2dc16aeffa8d7506d2006d358
6ad4b86bcbfe6e282952ea5fc6cacf17f62311bb8668de9c3e3c6320f5c5db7f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/swiper.min.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:12 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-1b7ba"
Expires: Fri, 26 Apr 2024 18:32:12 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/demo3.js
38.177.159.139 200 OK 708 B URL GET HTTP/1.1 wxtdjs.com/static/js/demo3.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (542)
Hash b360037a311a1b59e6f0c8a76ea68964
70ee8d02d263e248756b13bb5cd1be0df13c6a4c
c9859abddba90bd9c8670bc3f25cc5a4442442b7f7f7c25af2452ca1deb55349
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/demo3.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:12 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df72-5b2"
Expires: Fri, 26 Apr 2024 18:32:12 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/demo1.js
38.177.159.139 200 OK 499 B URL GET HTTP/1.1 wxtdjs.com/static/js/demo1.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (499), with no line terminators
Hash d5644e9ed226415ff8b7356125b4b3d4
08c2eb8399aadcbdd37896ff243c1e0994981cbc
67b6eae88b9ad5a5c806eb3f68fb011f47409f335c76d6b6d3c9982792af872a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/demo1.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:12 GMT
Content-Type: application/javascript
Content-Length: 499
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Connection: keep-alive
ETag: "6618df86-1f3"
Expires: Fri, 26 Apr 2024 18:32:12 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/js/float_card.js?_=1714113008698
38.177.159.139 200 OK 444 B URL GET HTTP/1.1 wxtdjs.com/static/js/float_card.js?_=1714113008698
IP 38.177.159.139:80
Hash 4ffb3b1a1bebe29eebd3fb8900e95439
40de7b4aced32bc97bef12c5f0953a6d4678f01a
f5da10bb7b7e7dcf9d205cd097a8813d183fd41ec0cc16876ec698fcb0b9a938
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/float_card.js?_=1714113008698 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:13 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-441"
Expires: Fri, 26 Apr 2024 18:32:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/focustech-kefu.css
38.177.159.139 200 OK 1.4 kB URL GET HTTP/1.1 wxtdjs.com/static/css/focustech-kefu.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (7088), with CRLF line terminators
Hash c4d696d577f2a9f39d0a717826b11609
fa758eafac80b54492abd4c6d22b8655f00503e7
168813edef34e10a25376e89a1138630b0770075e253904a971248822142ee39
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/focustech-kefu.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:13 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-1bb2"
Expires: Fri, 26 Apr 2024 18:32:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/loader.js
38.177.159.139 200 OK 883 B URL GET HTTP/1.1 wxtdjs.com/static/js/loader.js
IP 38.177.159.139:80
File type ASCII text, with very long lines (883), with no line terminators
Hash 1c0cf3feb24a6db623ede13114f73fd4
3bea25090659db3de7226761ff195036a357141b
25b7e04b5e37ff4d70a0ecb204859c085e9b467a9b6a4f78473d93f211f16fb4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/loader.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:13 GMT
Content-Type: application/javascript
Content-Length: 883
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Connection: keep-alive
ETag: "6618df9e-373"
Expires: Fri, 26 Apr 2024 18:32:13 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/assets/TM_OCS_SV_2020.10.3/css/icon.css?t=1603867117705
38.177.159.139 404 Not Found 146 B URL GET HTTP/1.1 wxtdjs.com/assets/TM_OCS_SV_2020.10.3/css/icon.css?t=1603867117705
IP 38.177.159.139:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/TM_OCS_SV_2020.10.3/css/icon.css?t=1603867117705 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 26 Apr 2024 06:32:13 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
wxtdjs.com/assets/TM_OCS_SV_2020.10.3/js/icon.js?t=1603867117705
38.177.159.139 404 Not Found 146 B URL GET HTTP/1.1 wxtdjs.com/assets/TM_OCS_SV_2020.10.3/js/icon.js?t=1603867117705
IP 38.177.159.139:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/TM_OCS_SV_2020.10.3/js/icon.js?t=1603867117705 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 26 Apr 2024 06:32:13 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
iprorwxhpnorlp5p-static.micyjz.com/static/assets/widget/script/plugins/layerslider/skins/fullwidthdark/skin.css
54.230.111.98 400 Bad Request 971 B URL GET HTTP/1.1 iprorwxhpnorlp5p-static.micyjz.com/static/assets/widget/script/plugins/layerslider/skins/fullwidthdark/skin.css
IP 54.230.111.98:80
File type HTML document, ASCII text, with very long lines (971), with no line terminators
Hash 7d8cd418a74feda610f595a7887249e2
c946c9441f4a5d3e2cef87a27f232753ea3b020d
554dfa07d226fef00047468a61fedb84769d39045bd777e58b83de342c41e47a
GET /static/assets/widget/script/plugins/layerslider/skins/fullwidthdark/skin.css HTTP/1.1
Host: iprorwxhpnorlp5p-static.micyjz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 400 Bad Request
Content-Type: text/html;charset=utf-8
Content-Length: 971
Connection: keep-alive
Server: nginx
Date: Fri, 26 Apr 2024 06:30:26 GMT
Phoenix-Mark: lqBoqKVjkWViiWjjWVqiim
Phoenix-R-T: 2024-04-26 14:30:26
Cache-Control: s-maxage=90
X-Cache: Error from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QwIGpWkEgYS-RpQwORGAoKzhUUuRvak31XWRwh5HQdBRRWsGBxiFuA==
iprorwxhpnorlp5p-static.micyjz.com/static/assets/widget/script/compsettings/comp.logo.settings.js?_=1709683377617
54.230.111.5 400 Bad Request 971 B URL GET HTTP/1.1 iprorwxhpnorlp5p-static.micyjz.com/static/assets/widget/script/compsettings/comp.logo.settings.js?_=1709683377617
IP 54.230.111.5:80
File type HTML document, ASCII text, with very long lines (971), with no line terminators
Hash 7d8cd418a74feda610f595a7887249e2
c946c9441f4a5d3e2cef87a27f232753ea3b020d
554dfa07d226fef00047468a61fedb84769d39045bd777e58b83de342c41e47a
GET /static/assets/widget/script/compsettings/comp.logo.settings.js?_=1709683377617 HTTP/1.1
Host: iprorwxhpnorlp5p-static.micyjz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 400 Bad Request
Content-Type: text/html;charset=utf-8
Content-Length: 971
Connection: keep-alive
Server: nginx
Date: Fri, 26 Apr 2024 06:30:26 GMT
Phoenix-Mark: ikBoqKVjkWVimWVriWonn
Phoenix-R-T: 2024-04-26 14:30:26
Cache-Control: s-maxage=90
X-Cache: Error from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pCto2JaajN5T9oPrUsDhiA3P0CnAYseC_fE0FYjYQMxhUiWcIa4rWg==
wxtdjs.com/static/js/videoM3u8.js?_=1714113008699
38.177.159.139 200 OK 150 kB URL GET HTTP/1.1 wxtdjs.com/static/js/videoM3u8.js?_=1714113008699
IP 38.177.159.139:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (44528)
Size 150 kB (149522 bytes)
Hash 7b35083811c9d47952f588a2b55e63b6
613479daed060cdac4e9c198e5300cb12329ac5b
c2512555f43e85b707cb6c915095f199da1d1735c8eca86b7b4c8b55d0e04e0d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/videoM3u8.js?_=1714113008699 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:14 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-725ef"
Expires: Fri, 26 Apr 2024 18:32:14 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/picture/tesila-640-640.jpg
38.177.159.139 200 OK 6.4 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/tesila-640-640.jpg
IP 38.177.159.139:80
File type JPEG image data, baseline, precision 8, 324x120, components 3
Hash 8320e4bda8d49c9d1a13d5e8c0b2aeca
94cb713f2326b56d31e9e49266fb549025ba9528
4ce129519eac6b751c7aa14748460d99779cf0fed3d595fed0cec6ed41116ee8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/tesila-640-640.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:14 GMT
Content-Type: image/jpeg
Content-Length: 6399
Last-Modified: Fri, 12 Apr 2024 06:49:10 GMT
Connection: keep-alive
ETag: "6618d966-18ff"
Expires: Sun, 26 May 2024 06:32:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/image/ajax-loader.gif
38.177.159.139 200 OK 4.2 kB URL GET HTTP/1.1 wxtdjs.com/static/image/ajax-loader.gif
IP 38.177.159.139:80
File type GIF image data, version 89a, 32 x 32
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/ajax-loader.gif HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/static/css/slick-theme.css
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:14 GMT
Content-Type: image/gif
Content-Length: 4178
Last-Modified: Fri, 12 Apr 2024 07:10:26 GMT
Connection: keep-alive
ETag: "6618de62-1052"
Expires: Sun, 26 May 2024 06:32:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/logo-640-640.png
38.177.159.139 16 kB URL GET wxtdjs.com/static/picture/logo-640-640.png
IP 38.177.159.139:0
File type PNG image data, 324 x 120, 8-bit/color RGBA, non-interlaced
Hash eed2f11ab13fc7d3fc9bee130ddb4caf
9cf7da06c909071db570825efa8f0b45c4e05f14
b4b59afe998d666ff7573927c469d14e4b5a15f92d4a2e91f1fdbcc27d0c1d01
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/logo-640-640.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:14 GMT
Content-Type: image/png
Content-Length: 15765
Last-Modified: Fri, 12 Apr 2024 06:52:08 GMT
Connection: keep-alive
ETag: "6618da18-3d95"
Expires: Sun, 26 May 2024 06:32:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/kaishike-640-640.jpg
38.177.159.139 200 OK 33 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/kaishike-640-640.jpg
IP 38.177.159.139:80
File type JPEG image data, baseline, precision 8, 324x120, components 3
Hash ec6c1b6ca376e7224d70e67c7fce1e55
829f7aa940cd11919a56fc9a6deb5aa780f1450b
8d10cd513d7a4fd2b9621d5284f5d532598c7304241a4cb3419c57298f8e9b05
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/kaishike-640-640.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:14 GMT
Content-Type: image/jpeg
Content-Length: 33126
Last-Modified: Fri, 12 Apr 2024 06:49:10 GMT
Connection: keep-alive
ETag: "6618d966-8166"
Expires: Sun, 26 May 2024 06:32:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/logo-640-6401.png
38.177.159.139 200 OK 12 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/logo-640-6401.png
IP 38.177.159.139:80
File type PNG image data, 324 x 120, 8-bit/color RGBA, non-interlaced
Hash c4a4842136390e4ad5a920302984c7b9
8e8d463baab13a60c0f8ae447803a568854d88af
aa54ee0ecd0f6037b90ec2f0819022efdbc9872b2763b162062b8e1109ca297a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/logo-640-6401.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:14 GMT
Content-Type: image/png
Content-Length: 11800
Last-Modified: Fri, 12 Apr 2024 06:52:06 GMT
Connection: keep-alive
ETag: "6618da16-2e18"
Expires: Sun, 26 May 2024 06:32:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/vivo-640-640.jpg
38.177.159.139 15 kB URL GET wxtdjs.com/static/picture/vivo-640-640.jpg
IP 38.177.159.139:0
File type JPEG image data, baseline, precision 8, 324x120, components 3
Hash 0eeb81ca75ecb5a1e3e35f9a000b09c2
c3e345a6c60bdba4fd875de5da3ce397ea0edd33
1914b224e96509f4870d712c1082ed4391f0ade04c05a2d8f8f8ab0f1fb5002a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/vivo-640-640.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:14 GMT
Content-Type: image/jpeg
Content-Length: 15008
Last-Modified: Fri, 12 Apr 2024 06:49:14 GMT
Connection: keep-alive
ETag: "6618d96a-3aa0"
Expires: Sun, 26 May 2024 06:32:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/up-640-640.jpg
38.177.159.139 200 OK 7.3 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/up-640-640.jpg
IP 38.177.159.139:80
File type JPEG image data, baseline, precision 8, 324x120, components 3
Hash 717af74f773dc4740e353c223ff8417e
4cc16daf029c8b9f074937210956521c6e89f7ab
483f453a9c50833fbb5ef5f0d381b549386152afc75e2b930e83f4e05ac29e28
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/up-640-640.jpg HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:14 GMT
Content-Type: image/jpeg
Content-Length: 7304
Last-Modified: Fri, 12 Apr 2024 06:49:16 GMT
Connection: keep-alive
ETag: "6618d96c-1c88"
Expires: Sun, 26 May 2024 06:32:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/logo-640-6402.png
38.177.159.139 200 OK 6.8 kB URL GET HTTP/1.1 wxtdjs.com/static/picture/logo-640-6402.png
IP 38.177.159.139:80
File type PNG image data, 324 x 120, 8-bit/color RGBA, non-interlaced
Hash e52a35276743e2cc76151954e7305397
bb1ab2fc8b2c37be5b924a1381a17d7d091056a7
570322bcb69ad9de0cafce91480f151446d9d54d85606385a454e4f310a38825
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/logo-640-6402.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:16 GMT
Content-Type: image/png
Content-Length: 6798
Last-Modified: Fri, 12 Apr 2024 06:52:08 GMT
Connection: keep-alive
ETag: "6618da18-1a8e"
Expires: Sun, 26 May 2024 06:32:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/logo-640-6403.png
38.177.159.139 15 kB URL wxtdjs.com/static/picture/logo-640-6403.png
IP 38.177.159.139:0
File type PNG image data, 324 x 120, 8-bit/color RGBA, non-interlaced
Hash 52ec0f08a24cff527d81ea601e9392cd
74d49e4cb6d8543b2b3a1473052b28db672ff590
661f90129f5f5019009ee08344c0f04b4025700276da25855cdcff69cdd0068f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/logo-640-6403.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:18 GMT
Content-Type: image/png
Content-Length: 15217
Last-Modified: Fri, 12 Apr 2024 06:52:08 GMT
Connection: keep-alive
ETag: "6618da18-3b71"
Expires: Sun, 26 May 2024 06:32:18 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wxtdjs.com/static/picture/logo-640-6404.png
38.177.159.139 10 kB URL wxtdjs.com/static/picture/logo-640-6404.png
IP 38.177.159.139:0
File type PNG image data, 324 x 120, 8-bit/color RGBA, non-interlaced
Hash 1c6db661b3435b9706949a832e6dcd7e
81d6a03658c9a0e97cd430431b4a2f65511de0c2
e6c588ac9fa1476885bb89fa7b1f4f7fa0172f8a549a38ac00abc4d76428eba2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/logo-640-6404.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162; TawkConnectionTime=1714113033491; twk_idm_key=osCVjQn7fSLf0A8pgXjM5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:21 GMT
Content-Type: image/png
Content-Length: 10507
Last-Modified: Fri, 12 Apr 2024 06:52:08 GMT
Connection: keep-alive
ETag: "6618da18-290b"
Expires: Sun, 26 May 2024 06:32:21 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
embed.tawk.to/_s/v4/app/662a1eb9625/js/twk-main.js
172.67.38.66 60 kB URL embed.tawk.to/_s/v4/app/662a1eb9625/js/twk-main.js
IP 172.67.38.66:0
File type ASCII text, with no line terminators
Hash da5bb1dc647470204df0e49f5afac2de
f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
GET /_s/v4/app/662a1eb9625/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wxtdjs.com
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:30:32 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 09:14:17 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a48654aa79b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.65.229 41 kB URL cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (32014)
Hash 7bb7aac0cac89a90304af1c72eb4f50d
729f6f8ca5787d89743b0ed7eb27fd76406bf985
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 06:30:34 GMT
age: 9661685
x-served-by: cache-fra-eddf8230136-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/662a1eb9625/js/twk-runtime.js
172.67.38.66 2.8 kB URL embed.tawk.to/_s/v4/app/662a1eb9625/js/twk-runtime.js
IP 172.67.38.66:0
File type JavaScript source, ASCII text, with very long lines (2306), with no line terminators
Hash 22011f5c9255e6d37ef412f49777e88c
e581c81cf189fdcd92801a2b6f0b505301fb88b3
879b2d4c443d3f00670cf5efdf1e70b4a115355917abad57d482e90553b42117
GET /_s/v4/app/662a1eb9625/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wxtdjs.com
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:30:32 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 09:14:17 GMT
etag: W/"22011f5c9255e6d37ef412f49777e88c"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a48654c9f4b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
zerossl.ocsp.sectigo.com/
104.18.38.233 727 B URL zerossl.ocsp.sectigo.com/
IP 104.18.38.233:0
Hash 95da51ccf8206d6f97ae5dbb968e0e8f
79fd36f313db0c7873bc692df51033ffcf9b89da
02046c161a7ecfe4bd0fc280eafb0b99cb8bdfb78d019bbbaae7c913c8bdbc06
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 06:30:36 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 24 Apr 2024 11:14:42 GMT
Expires: Wed, 01 May 2024 11:14:41 GMT
Etag: "79fd36f313db0c7873bc692df51033ffcf9b89da"
Cache-Control: max-age=448444,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87a4866a3a70712d-OSL
wxtdjs.com/static/picture/logo-640-6405.png
38.177.159.139 13 kB URL wxtdjs.com/static/picture/logo-640-6405.png
IP 38.177.159.139:0
File type PNG image data, 324 x 120, 8-bit/color RGBA, non-interlaced
Hash 36b9a177603b00fb5600e3c838b9b033
2aca5d6c5d0058b2a951ba9dd36f645ae842f477
e8c6b1dff090886c685caa44ccffec8fd659da10bf33bd01cb54e24a0849fc36
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/picture/logo-640-6405.png HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162; TawkConnectionTime=0; twk_idm_key=osCVjQn7fSLf0A8pgXjM5; twk_uuid_6476a8dead80445890f01536=%7B%22uuid%22%3A%221.1hHGp9apx6yYomnpZPxno1b6DhEqQzfwxwWUDz4mZFMCZ7NxUWfJ95zDnugDV9WBw9WYmPe12mbLmhaIowSnYMAXl10HMjkmtIQEPCwROzQBMrklvW8%22%2C%22version%22%3A3%2C%22domain%22%3A%22wxtdjs.com%22%2C%22ts%22%3A1714113033971%7D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:23 GMT
Content-Type: image/png
Content-Length: 13118
Last-Modified: Fri, 12 Apr 2024 06:52:08 GMT
Connection: keep-alive
ETag: "6618da18-333e"
Expires: Sun, 26 May 2024 06:32:23 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
20.2.31.84 200 OK 1.2 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (1212), with no line terminators
Hash 8e6f95253b7780a3e61e670ccb20439e
8d36d93785651e87a439a847e549770d9a9773d4
5caf31bba132d493e95ba6a477e31e480ea2d532e13502c73d699d9847943f1f
GET /fuhua/ HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:07 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
x-country: NO
x-cache: BYPASS@whopperm3000000
X-Firefox-Spdy: h2
wxtdjs.com/static/js/comp.graphicNew.settings.js
38.177.159.139 200 OK 1.3 kB URL GET HTTP/1.1 wxtdjs.com/static/js/comp.graphicNew.settings.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (1323), with no line terminators
Hash 80b4c53fc613cb22105a86f95d91aec4
2725e078c0bcdce576e2b4c4c5e2b3a3810a8b82
20f5d34e08c668924b4e0523765cef5699eea1e234d6ced23d72fb67f759e09d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/comp.graphicNew.settings.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df84-4eb"
Expires: Fri, 26 Apr 2024 18:32:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/js/blockCallback.min24.js?_=1714113008697
38.177.159.139 200 OK 687 B URL GET HTTP/1.1 wxtdjs.com/static/js/blockCallback.min24.js?_=1714113008697
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (727), with no line terminators
Hash b60b32fab522bacdb9326741e186f575
2b9d232d9b3d8b8373bad03d6d0b1d21771e15fb
231502735141ce1307a2f62ae08b2418119c20b2beb9053f081555b79b8b69ec
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/blockCallback.min24.js?_=1714113008697 HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:02 GMT
Content-Type: application/javascript
Content-Length: 687
Last-Modified: Fri, 12 Apr 2024 07:14:56 GMT
Connection: keep-alive
ETag: "6618df70-2af"
Expires: Fri, 26 Apr 2024 18:32:02 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
wxtdjs.com/static/js/marketing.js
38.177.159.139 200 OK 244 kB URL GET HTTP/1.1 wxtdjs.com/static/js/marketing.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (44263)
Size 244 kB (244218 bytes)
Hash 244a6bc20afa74cbb4c4bc24f107b0fe
d96d65c02202d817d88fc92e4beda15bddf8fee9
e6c719d7a4f57df5a584eaede49c3a75e018156fcf95a14fbe4f823cebc5d1c8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/marketing.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:56 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-3b9fa"
Expires: Fri, 26 Apr 2024 18:31:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/stock/up
20.2.31.84 200 OK 2.7 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/stock/up
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (3319), with no line terminators
Hash 2125c21d1f909e7ca6c889853ee8f32e
5e629b5f8a699300a0495b85a8cd07d2787c2ee9
895aa7a3b369cec79da976a0c67ed89d1553c3906f357225e41b431b9237fdef
GET /api/v1/stock/up HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
x-country: NO
x-cache: BYPASS@whopperm3000000
content-encoding: br
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/index/announcement
20.2.31.84 200 OK 415 B URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/api/v1/index/announcement
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators
Hash df969d1ddec070f3a2f8c7caeaf487d3
58936237266c0793cfd88437c8108332279aad9e
3cdba7ed799d5a4cb3e638e5b214cb1a9b4f7231fd0d8e6a09e4568133903b43
GET /api/v1/index/announcement HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
x-country: NO
x-cache: BYPASS@whopperm3000000
content-encoding: br
X-Firefox-Spdy: h2
wxtdjs.com/static/js/lab_3.0.js
38.177.159.139 200 OK 22 kB URL GET HTTP/1.1 wxtdjs.com/static/js/lab_3.0.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (581)
Hash fdeb65651e5efb894febd992b263d47d
15e49e6e4892234b5040030f2cfc3026570e9b72
9a3994254012904e7aa565f8cb1e61686bc3383486f24d37153516d40604ee85
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/lab_3.0.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:57 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-54f1"
Expires: Fri, 26 Apr 2024 18:31:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240313/0d1fa3373cb8f2703d09d6fd92d5cd1b.png
20.2.31.84 200 OK 9.3 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240313/0d1fa3373cb8f2703d09d6fd92d5cd1b.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 273 x 270, 8-bit/color RGBA, non-interlaced
Hash f75b625c36b90f699b685d2bae6b6813
c68f616b6fa1340691a2f0e90b74d4a6ba87933e
a8a882ef3fc2d260e7c47cb3034678540dbf777689e32a42bf7973e104971f41
GET /upload/20240313/0d1fa3373cb8f2703d09d6fd92d5cd1b.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 9328
last-modified: Wed, 13 Mar 2024 14:15:59 GMT
etag: "2470-6138b69f7cb80"
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
wxtdjs.com/static/js/phoenix_picture_popup.js
38.177.159.139 200 OK 37 kB URL GET HTTP/1.1 wxtdjs.com/static/js/phoenix_picture_popup.js
IP 38.177.159.139:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/phoenix_picture_popup.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:58 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df86-91cf"
Expires: Fri, 26 Apr 2024 18:31:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wxtdjs.com/static/css/quicknavigation3.css
38.177.159.139 200 OK 13 kB URL GET HTTP/1.1 wxtdjs.com/static/css/quicknavigation3.css
IP 38.177.159.139:80
File type ASCII text, with very long lines (1496)
Hash 61a4e26d2d4c86333b0013be0a1fe591
51eadc1560edc66ba9d29ad8737ca736adb6004b
1143c610f92919eb9755aa72777b90eb9727ad5f0e47ec1c2ac0ab3ce42e8582
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/quicknavigation3.css HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251; p_sid=f9b6d765.2061654070; RFU=; uv_json=%7B%22lmfAUpKSLYoI_uv%22%3A1%7D; pv_json=%7B%22lmfAUpKSLYoI_pv%22%3A1%7D; _t_stop=%7B%22lmfAUpKSLYoI_stop%22%3A%7B%7D%7D; vs_json=%7B%7D; uv_sid=f9b6d765.647629162
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:32:01 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2024 07:14:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df6c-32a0"
Expires: Fri, 26 Apr 2024 18:32:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
pmbdhtd.com.shduendg.tuaingde.xyz:3443/wss
20.2.31.84 101 Switching Protocols 0 B URL GET HTTP/1.1 pmbdhtd.com.shduendg.tuaingde.xyz:3443/wss
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject pmbdhtd.com.shduendg.tuaingde.xyz
Fingerprint 46:97:4D:BF:76:30:6B:B3:1A:FE:1F:58:FE:2C:3A:E7:23:CF:6E:AC
Validity Wed, 13 Mar 2024 00:00:00 GMT - Tue, 11 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wss HTTP/1.1
Host: pmbdhtd.com.shduendg.tuaingde.xyz:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://adhahd13.com.adak1.com.sdlak983.top:3443
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3q8fd4sFdmlMYefvwXpccA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: FS/392.27.10
Date: Fri, 26 Apr 2024 06:30:11 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Version: 13
Sec-WebSocket-Accept: DIltTXAz5f3vFTPgmMfxgGXKFnY=
hm.baidu.com/hm.js?eac8a84d72c2134d3f29b3c132a09aed
183.240.98.228 200 OK 30 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?eac8a84d72c2134d3f29b3c132a09aed
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (619)
Hash 650f7a21faffc373bff32017666b42ce
5820f163242c570105aeecd3a9c03bd34fb93d82
46f0040f582d5d620633c92a303168a0c2350b08851962123edf5ce14b8b393f
GET /hm.js?eac8a84d72c2134d3f29b3c132a09aed HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Fri, 26 Apr 2024 06:30:10 GMT
Etag: dcbfc8ce3c56a53c7817cd1b4ad9f959
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2B22E26B2FC2DBF8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pagesB-login-login~pagesB-login-signIn~pagesB-setting-newPhone~pagesB-setting-setLoginPassword~pages~e87a8771.de288932.js
20.2.31.84 200 OK 14 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/js/pagesB-login-login~pagesB-login-signIn~pagesB-setting-newPhone~pagesB-setting-setLoginPassword~pages~e87a8771.de288932.js
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fuhua/static/js/pagesB-login-login~pagesB-login-signIn~pagesB-setting-newPhone~pagesB-setting-setLoginPassword~pages~e87a8771.de288932.js HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:09 GMT
content-type: application/javascript
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
vary: Accept-Encoding
etag: W/"65f6a11a-3698"
cache-control: max-age=43200
content-encoding: gzip
x-country: NO
x-cache: HIT@whopperm3000000
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240313/0a616a8969950809751c3e4f777b2030.png
20.2.31.84 200 OK 586 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/upload/20240313/0a616a8969950809751c3e4f777b2030.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 1920 x 323, 8-bit/color RGBA, non-interlaced
Size 586 kB (586364 bytes)
Hash 480ef9cd077759d9228491dc85806aec
f458e5e1b71a9e4131118c87c3ab425acbedb883
7f511d452eca30bf37dc44c4b799cd149a458967a07a7cb752013cd3a9950d2d
GET /upload/20240313/0a616a8969950809751c3e4f777b2030.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 586364
last-modified: Wed, 13 Mar 2024 14:18:09 GMT
etag: "8f27c-6138b71beafee"
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/register.png
20.2.31.84 200 OK 20 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/register.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 380x380, components 3
Hash 9c3d8f41546124713ef0d2788922de94
2ab9440ecc3d91984ec6857ad4ebc3793edc84b2
2589d98b7eb5c2c7f368ebf19d45cf19af2b3bcd18383ca16bfeef3138db6774
GET /fuhua/static/register.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 19763
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-4d33"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/02.png
20.2.31.84 200 OK 4.0 kB URL GET HTTP/2 adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/pc/02.png
IP 20.2.31.84:3443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Certificate Issuer ZeroSSL
Subject adhahd13.com.adak1.com.sdlak983.top
Fingerprint C9:9A:AE:AC:BC:59:49:D3:66:FB:01:F3:B8:5A:B9:34:7D:EA:4C:22
Validity Mon, 22 Apr 2024 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced
Hash 4536f1d334e2a9cebc7bed8f9f23a421
121e65e0c0d5ed68f52e06c12ca3623d04fe2f33
bb5e3ed2c32cd468e1dd57cf78e66c6e47511cd2f773c605c08f39b723b6a207
GET /fuhua/static/images/pc/02.png HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.25.3
date: Fri, 26 Apr 2024 06:30:10 GMT
content-type: image/png
content-length: 4030
last-modified: Sun, 17 Mar 2024 07:51:54 GMT
etag: "65f6a11a-fbe"
cache-control: max-age=2592000
x-country: NO
x-cache: HIT@whopperm3000000
accept-ranges: bytes
X-Firefox-Spdy: h2
wxtdjs.com/static/js/analytics.js
38.177.159.139 200 OK 5.5 kB URL GET HTTP/1.1 wxtdjs.com/static/js/analytics.js
IP 38.177.159.139:80
File type JavaScript source, ASCII text, with very long lines (5738), with no line terminators
Hash 255e6879ceaf1d6e586cd5aad6425607
3824888899be4d8a0df4767de0364b201ff54e45
b57d9cf0ea39afe8cf61feb0889d6b146d5701b5b6835879b2b04996ba602772
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/analytics.js HTTP/1.1
Host: wxtdjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wxtdjs.com/
Cookie: __vtins__3I0INa8DAXIgBFIS=%7B%22sid%22%3A%20%22992de841-88ff-548d-9faf-82caa47204e0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714114807245%2C%20%22ct%22%3A%201714113007245%7D; __51uvsct__3I0INa8DAXIgBFIS=1; __51vcke__3I0INa8DAXIgBFIS=81ab938f-256a-57e1-af30-b3daa89d145c; __51vuft__3I0INa8DAXIgBFIS=1714113007251
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:31:56 GMT
Content-Type: application/javascript
Last-Modified: Fri, 12 Apr 2024 07:15:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6618df9e-156a"
Expires: Fri, 26 Apr 2024 18:31:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/slider-verify/1.jpg
0.0.0.0 0 B URL GET adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/static/images/slider-verify/1.jpg
IP 0.0.0.0:0
Requested by https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/#
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fuhua/static/images/slider-verify/1.jpg HTTP/1.1
Host: adhahd13.com.adak1.com.sdlak983.top:3443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adhahd13.com.adak1.com.sdlak983.top:3443/fuhua/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache