| www.tulsaroughnecks.com/Year_by_Year.html | 38.207.232.196 | | 162 B |
URL: www.tulsaroughnecks.com/Year_by_Year.html
IP: 38.207.232.196:0
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /Year_by_Year.html HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 May 2024 21:16:26 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.tulsaroughnecks.com/Year_by_Year.html
|
|
| www.tulsaroughnecks.com/favicon.ico | 38.207.232.196 | 200 OK | 4.3 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/favicon.ico
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash: 19f1695b666f83fb82f706d7985ee432 e0eff93e72d5304a6970ff4ccbca957557a69af8 cc454ffaf8064d2946905eb19caa28138b88a4c2d8d37972e8151cd4d1dd2b79
GET /favicon.ico HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/Year_by_Year.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:30 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Fri, 30 Jun 2023 14:45:33 GMT
etag: "649eea8d-10be"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/css/css/custom.css | 38.207.232.196 | | 285 B |
URL: www.tulsaroughnecks.com/uploads/css/css/custom.css
IP: 38.207.232.196:0
File type: ASCII text, with CRLF line terminators
Hash: 059e57302a1e26811a059b61f7dd27d0 c37df7aaff9f23ce0d37453cc0a1db5be9c08ad7 1f9d76943dcf73a961bd94bf4f35e8dd64122f583803ec6a46cd902eb63e2004
GET /uploads/css/css/custom.css HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: text/css
content-length: 285
last-modified: Sat, 26 Feb 2022 04:04:16 GMT
etag: "6219a6c0-11d"
expires: Sun, 05 May 2024 09:16:35 GMT
cache-control: max-age=43200
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/templets/gg.js | 38.207.232.196 | 200 OK | 1.0 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/templets/gg.js
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (452), with CRLF line terminators
Hash: 3bc95b1ef1c0671dfa18a22ed0cfacfe 7de99aaf4022e74af498a9bab70dd417ee9ade04 838e0e2d8b6f935b647832c142dcd50f114f73cedde5eb3c8539ef87984c564b
GET /templets/gg.js HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: application/javascript
content-length: 1016
last-modified: Tue, 30 Jan 2024 11:03:49 GMT
etag: "65b8d795-3f8"
expires: Sun, 05 May 2024 09:16:35 GMT
cache-control: max-age=43200
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/image/images/logo_red.png | 38.207.232.196 | 200 OK | 8.2 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/uploads/image/images/logo_red.png
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: PNG image data, 130 x 42, 8-bit/color RGBA, non-interlaced
Hash: 21ad4004b6ab83b54dae7e0476e52216 298412634580d71ed3f299c418714be9582a87af 520fbb0193fb43408528a0e3794e1c6ad5ce9f6c5bb63efb3f5a471590c5aa97
GET /uploads/image/images/logo_red.png HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: image/png
content-length: 8169
last-modified: Sat, 26 Feb 2022 03:56:15 GMT
etag: "6219a4df-1fe9"
expires: Mon, 03 Jun 2024 21:16:35 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/css/abcss/bootstrap.css | 38.207.232.196 | | 27 kB |
URL: www.tulsaroughnecks.com/uploads/css/abcss/bootstrap.css
IP: 38.207.232.196:0
File type: gzip compressed data, from Unix
Hash: 84aca88c722bc6a7daa75fcaf91ff17c 67119222ddde033926e733942880a88e4e47f0c8 9c7e354764b28a822469daa9247a238a6decaebd4c4f3e81ae4dda69d60987e3
GET /uploads/css/abcss/bootstrap.css HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: text/css
last-modified: Sat, 26 Feb 2022 04:03:30 GMT
vary: Accept-Encoding
etag: W/"6219a692-21f2b"
expires: Sun, 05 May 2024 09:16:35 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/Year_by_Year.html | 38.207.232.196 | | 1.2 kB |
URL: www.tulsaroughnecks.com/Year_by_Year.html
IP: 38.207.232.196:0
File type: gzip compressed data, from Unix
Hash: 82897440f28177d7f60e35370e008bfb 191219592aedf10fe692d2d47c25e4c7fabb7e20 4e47f931236875895a6fdeb0f6b2b0cda549853f80f531546e5bdc6cbc3766f2
GET /Year_by_Year.html HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Sat, 04 May 2024 21:16:29 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"6219a4d2-527"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| | 38.207.232.196 | 200 OK | 127 kB |
URL: User Request GET HTTP/2
IP: 38.207.232.196:443
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: gzip compressed data, from Unix
Size: 127 kB (127122 bytes)
Hash: 472460e715e072b27a8550779d2fdc34 3aa1fa329db4990da8b9df9cee05a69bd2fe2350 e8b6c1d27ab91bd9453b8139862b82045bf8c11e7240a666b0761a2033530217
GET / HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/Year_by_Year.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: text/html
last-modified: Mon, 12 Jun 2023 10:45:38 GMT
vary: Accept-Encoding
etag: W/"6486f752-38ed"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/image/images/neximg.png | 38.207.232.196 | 200 OK | 1.2 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/uploads/image/images/neximg.png
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: PNG image data, 28 x 56, 8-bit/color RGBA, non-interlaced
Hash: 1689c8e058802434a3bfdd8c36940fd6 9fa96ba0a31afd2b960180305ea04a9c8b57927c 65d0ce26aefdde78af0f1e38c64b8a14dccc06e51e9ff02be0c75a23fe6e3a06
GET /uploads/image/images/neximg.png HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:36 GMT
content-type: image/png
content-length: 1161
last-modified: Sat, 26 Feb 2022 04:32:46 GMT
etag: "6219ad6e-489"
expires: Mon, 03 Jun 2024 21:16:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/image/images/preimg.png | 38.207.232.196 | 200 OK | 1.2 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/uploads/image/images/preimg.png
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: PNG image data, 28 x 56, 8-bit/color RGBA, non-interlaced
Hash: 1dbd90b4cb0cd22678d1e1175eaf8d98 ee52dc3a38be5696b7e8b3c3574760abcaccb48f ee5c1e00a530e1421b56caf6f7466656f56d8e28c8e7339460df108e5bd747ee
GET /uploads/image/images/preimg.png HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:36 GMT
content-type: image/png
content-length: 1172
last-modified: Sat, 26 Feb 2022 04:32:47 GMT
etag: "6219ad6f-494"
expires: Mon, 03 Jun 2024 21:16:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/image/images/ewm.jpg | 38.207.232.196 | | 9.1 kB |
URL: www.tulsaroughnecks.com/uploads/image/images/ewm.jpg
IP: 38.207.232.196:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 344x344, components 3
Hash: 7c590f4a6cf6df784fc7859c051c6ee6 d80bf82021499547dd5e13f349e4f167be5781f5 07ed8d9f942a19f000cd0c5d2ef6fab7167d735dca77e593ccdae83a33b401ea
GET /uploads/image/images/ewm.jpg HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:36 GMT
content-type: image/jpeg
content-length: 9065
last-modified: Sat, 26 Feb 2022 03:56:36 GMT
etag: "6219a4f4-2369"
expires: Mon, 03 Jun 2024 21:16:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/image/images/ewm1.png | 38.207.232.196 | 200 OK | 16 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/uploads/image/images/ewm1.png
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced
Hash: d3f4c8f3ea91c78c9d7a99c607d698da e83cf7f84ea0f6f0c364ce413413151e74400ef6 41b90914dc9eefc608171ef061d2d14f0f61c2e1c9a67e074d2969110ab08260
GET /uploads/image/images/ewm1.png HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:36 GMT
content-type: image/png
content-length: 16084
last-modified: Fri, 30 Jun 2023 14:45:48 GMT
etag: "649eea9c-3ed4"
expires: Mon, 03 Jun 2024 21:16:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/css/css/style4.css | 38.207.232.196 | 200 OK | 13 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/uploads/css/css/style4.css
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (34110), with CRLF, LF line terminators
Hash: 3f495fadf97cda156f1ceb3b489a13a1 72a544c70d0c6586120294dd5ffa6cc4ea08796d c85d0dc5d138f010ffc5f08d4af56abfd005703446ae98afb1ef2cde83708fff
GET /uploads/css/css/style4.css HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: text/css
last-modified: Sat, 26 Feb 2022 04:32:47 GMT
vary: Accept-Encoding
etag: W/"6219ad6f-551"
expires: Sun, 05 May 2024 09:16:35 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/image/images/banner2.jpg | 38.207.232.196 | | 467 kB |
URL: www.tulsaroughnecks.com/uploads/image/images/banner2.jpg
IP: 38.207.232.196:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1440x426, components 3
Size: 467 kB (467210 bytes)
Hash: fdb539eab2fd498657ea4b46da47d987 f45150bb78ec20f56d17521c0213385d8b655f5e 2b4edd046511271786415d6091cfd7403f1f5dbf5b093da223a0e17248c1742b
GET /uploads/image/images/banner2.jpg HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: image/jpeg
content-length: 467210
last-modified: Sat, 26 Feb 2022 03:56:37 GMT
etag: "6219a4f5-7210a"
expires: Mon, 03 Jun 2024 21:16:35 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/css/cskins/green.css | 38.207.232.196 | | 6.6 kB |
URL: www.tulsaroughnecks.com/uploads/css/cskins/green.css
IP: 38.207.232.196:0
File type: Unicode text, UTF-8 text, with very long lines (1237), with CRLF, LF line terminators
Hash: c3b463fb60b971e2e86ac777c4660b8c a9b86c257a8dbe97d62c513ac2c5bcf3e65be811 2814eed34d02755ccd85c5dfc42ea7d380d63a41fc56433e9fbc5b2f73313cb7
GET /uploads/css/cskins/green.css HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: text/css
last-modified: Sat, 26 Feb 2022 04:04:09 GMT
vary: Accept-Encoding
etag: W/"6219a6b9-2f02"
expires: Sun, 05 May 2024 09:16:35 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 35.220.255.80:8888/saconfig/secure/yunwei.js?0.6157696516963735 | 35.220.255.80 | | 1.8 kB |
URL: 35.220.255.80:8888/saconfig/secure/yunwei.js?0.6157696516963735
IP: 35.220.255.80:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: Unicode text, UTF-8 text, with very long lines (570)
Hash: d52add10993932b981d8da619d6076e1 55bc2a9b27e34500a38cf8fba45e9ec648300a94 0f7d39364a44a5f88297fe466097bd4ea5a183ff050361cbbf0225a8c95e67f0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /saconfig/secure/yunwei.js?0.6157696516963735 HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:38 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1804
Connection: keep-alive
Last-Modified: Fri, 26 Apr 2024 08:35:35 GMT
ETag: "662b6757-70c"
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| collect-v6.51.la/v6/collect?dt=4 | 203.107.86.226 | 403 | 0 B |
URL: POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP: 203.107.86.226:443
ASN: #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: GlobalSign nv-sa; Subject: *.51.la; Fingerprint: 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79; Validity: Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 363
Origin: https://www.tulsaroughnecks.com
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Sat, 04 May 2024 21:16:38 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=c07b00afee00ae0f373e798d391389c912c5c78b06e55f87ddebe606ca3957c3; Path=/; HttpOnly
acw_tc=ac11000117148573983245948e078bbf418042f3c20ad8d4f2f66589e07ff6;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.tulsaroughnecks.com
Access-Control-Allow-Credentials: true
|
|
| www.tulsaroughnecks.com/templets/tj.js | 38.207.232.196 | 200 OK | 7.2 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/templets/tj.js
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 3dd1aef81cdedf4969d594e398325384 32fe5bcbcca2060960615a3084f016b0db9f406c d3e4c8eecbd211cc00cbc2ef5151235691bbbbd81f6a5701a5149170848f74ca
GET /templets/tj.js HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: application/javascript
last-modified: Mon, 15 Jan 2024 16:37:56 GMT
vary: Accept-Encoding
etag: W/"65a55f64-54f"
expires: Sun, 05 May 2024 09:16:35 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/image/images/banner3.jpg | 38.207.232.196 | | 811 kB |
URL: www.tulsaroughnecks.com/uploads/image/images/banner3.jpg
IP: 38.207.232.196:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1423x551, components 3
Size: 811 kB (810691 bytes)
Hash: e5f1bde3fe0ad98bfbf39f11ce541e5b 000e007c2cae0c332828ee0729bedef9478b77d4 4d06965583162ecafd0442b9cbf6db576ff7f1a56aca4d9fb5a1ceb38e09c8ae
GET /uploads/image/images/banner3.jpg HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:36 GMT
content-type: image/jpeg
content-length: 810691
last-modified: Sat, 26 Feb 2022 03:56:33 GMT
etag: "6219a4f1-c5ec3"
expires: Mon, 03 Jun 2024 21:16:36 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/uploads/image/images/banner1.jpg | 38.207.232.196 | 200 OK | 418 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/uploads/image/images/banner1.jpg
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1440x517, components 3
Size: 418 kB (417639 bytes)
Hash: 9ee52c824dbd96a984fd1fbd23951dd6 5c42e8932f69a2f32a9ff8de33fb93ca1c30b138 14e96b97fcae0ba8c4cbe5a5a164ebf33e659e5c30bfc66ec11357017c92e103
GET /uploads/image/images/banner1.jpg HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: image/jpeg
content-length: 417639
last-modified: Sat, 26 Feb 2022 03:56:17 GMT
etag: "6219a4e1-65f67"
expires: Mon, 03 Jun 2024 21:16:35 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/favicon.ico | 38.207.232.196 | 200 OK | 4.3 kB |
URL: GET HTTP/2 www.tulsaroughnecks.com/favicon.ico
IP: 38.207.232.196:443
Requested by: https://www.tulsaroughnecks.com/
Certificate: Issuer: Let's Encrypt; Subject: tulsaroughnecks.com; Fingerprint: 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79; Validity: Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash: 19f1695b666f83fb82f706d7985ee432 e0eff93e72d5304a6970ff4ccbca957557a69af8 cc454ffaf8064d2946905eb19caa28138b88a4c2d8d37972e8151cd4d1dd2b79
GET /favicon.ico HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Cookie: _ga_Z5NKFLZGBH=GS1.1.1714857397.1.0.1714857397.0.0.0; _ga=GA1.1.827089135.1714857397; __vtins__3GBwJi1VhYXTbBWt=%7B%22sid%22%3A%20%2250b835bf-3a6a-5ecc-a5a5-3f6736c16e92%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714859197304%2C%20%22ct%22%3A%201714857397304%7D; __51uvsct__3GBwJi1VhYXTbBWt=1; __51vcke__3GBwJi1VhYXTbBWt=14348c69-840c-528e-85f1-8bf077dcc2ef; __51vuft__3GBwJi1VhYXTbBWt=1714857397311
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:37 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Fri, 30 Jun 2023 14:45:33 GMT
etag: "649eea8d-10be"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/cdn_test.txt?1714857398189 | 36.156.95.251 | | 3 B |
URL: 91a2c0front.studentxi.com/cdn/91a2c0FNEW/cdn_test.txt?1714857398189
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
File type: ASCII text, with no line terminators
Hash: af051c89597cd018ce51bd8fd53014ff 9caed18b3958eeb1312f5e8562bf0451363499c6 db9831b53a8574d33f3d7ce6820598c67224687dbe57cbbc10b6070e5aa57744
GET /cdn/91a2c0FNEW/cdn_test.txt?1714857398189 HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:40 GMT
content-type: text/plain; charset=utf-8
content-length: 3
expires: Thu, 01 May 2025 13:51:24 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-3"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
vary: Accept-Encoding
x-cc-via: 173_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/3s/remove.js | 36.156.95.251 | 200 OK | 171 B |
URL: GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/3s/remove.js
IP: 36.156.95.251:443
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate: Issuer: Sectigo Limited; Subject: *.studentxi.com; Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE; Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: JavaScript source, ASCII text
Hash: 3f318734a8d8aefebe5f160df1f2f63c 3c2b87d334c76835fbe7144b74de83c9146739e1 03b30094fc8961140dc3ec1a1527337ead8667d9bc2ce6ed3981f1eb5217edf3
GET /cdn/91a2c0FNEW/3s/remove.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 171
expires: Thu, 01 May 2025 13:51:59 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-ab"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
vary: Accept-Encoding
x-cc-via: 179_yd-jiangsu-nanjing-17-cache-2[H,4]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-5225c36c.438e0adb.css | 36.156.95.251 | | 587 B |
URL: 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-5225c36c.438e0adb.css
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
File type: ASCII text, with very long lines (587), with no line terminators
Hash: fb5ad01fb08ec99942f1de3815416287 ec85748314d49f34253a64151e2bfaa8d37a7c4a fba6f85bc3300a7825c7ff88213e69e3ae82ab87ce5be82a21ef2625a8c603e5
GET /cdn/91a2c0FNEW/static/css/chunk-5225c36c.438e0adb.css HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: text/css
content-length: 587
expires: Thu, 01 May 2025 13:56:22 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-24b"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
vary: Accept-Encoding
x-cc-via: 175_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-361366ae.7cc91d77.js | 36.156.95.251 | 200 OK | 919 B |
URL: GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-361366ae.7cc91d77.js
IP: 36.156.95.251:443
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate: Issuer: Sectigo Limited; Subject: *.studentxi.com; Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE; Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (915), with no line terminators
Hash: b50c5be0fc7d505cf38c4240d29ed2b0 54404a8752bd10988d89546c1c9c8536cdf7d98e 2f3c523b63c55150506be586ba353ede3650d36532b2f5ba70530337a540422d
GET /cdn/91a2c0FNEW/static/js/chunk-361366ae.7cc91d77.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 919
expires: Thu, 01 May 2025 13:53:37 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-397"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
vary: Accept-Encoding
x-cc-via: 180_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/webToken | 35.220.255.80 | 200 | 380 B |
URL POST HTTP/1.1 35.220.255.80:8888/_glaxy_91a2c0_/webToken IP 35.220.255.80:8888 ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject 35.220.255.80 Fingerprint 13:36:32:12:0C:82:81:6F:C8:AC:44:F2:9E:43:FD:68:9F:04:E3:BA Validity Tue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
Hash 1e1a0afd68294ad0533d70a99f418e7e de444967ebf949824a1e69ae83c794ec78c746e5 2693197196063b6c8a1befdebd4c16be783e9cda847efa3c404ebc9823757787
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /_glaxy_91a2c0_/webToken HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: 9fe0afd7583b898c9a71a8177429d2a1
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: 8bf7856038836c871c136feb5fc9914d
v: 1.0.0
domainName: 35.220.255.80
Content-Length: 48
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:42 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=00FE66793125C434A46BFD090B3418AE; Path=/; HTTPOnly; Secure; HttpOnly
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-vendors.616cd3f6.js | 36.156.95.251 | 200 OK | 51 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-vendors.616cd3f6.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type gzip compressed data, from Unix Hash 4d3a8d6156258dfd9c85ed66b4e12a69 c1073231415cc13ebb0c5abd6e3cc561fff82ba2 c261cab352b6db32a7a6ad4a07d342b57fc2b4aeb0e4e30bda6f6a924c603e7f
GET /cdn/91a2c0FNEW/static/js/chunk-vendors.616cd3f6.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:52:00 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-27430"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 161_yd-jiangsu-nanjing-17-cache-2[H,4]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/base64.10f271fa.js | 36.156.95.251 | 200 OK | 2.2 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/base64.10f271fa.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type gzip compressed data, from Unix Hash 7295ff34a67dc1f749bd9dcf9315e9e0 08666c3c7c34a74022833e7d5ff1e3a0aa0ea369 634b6a44bc9d99a22e1150871adac22abbaec8d2a0e41064d807719eac2c69d8
GET /cdn/91a2c0FNEW/static/js/base64.10f271fa.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:51:59 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-e17"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 174_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0ddc50.335b9249.js | 36.156.95.251 | 200 OK | 171 B |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0ddc50.335b9249.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type ASCII text, with no line terminators Hash 0752cac30cb254c54ae2a5e30c6d1069 7c7e2fbf9a74d0704b97eb133d79a60f3f823cf7 cea2a0fc15cdff3b43a89d55c5d47dc483518bad5e5f4f390cbfda831417fc66
GET /cdn/91a2c0FNEW/static/js/chunk-2d0ddc50.335b9249.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 171
expires: Sun, 04 May 2025 19:56:10 GMT
server: nginx
last-modified: Fri, 03 May 2024 07:05:16 GMT
etag: "66348cac-ab"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
vary: Accept-Encoding
x-cc-via: 163_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/vue.8c819a1a.js | 36.156.95.251 | 200 OK | 51 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/vue.8c819a1a.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type gzip compressed data, from Unix Hash 6924ced130cd6623c9e0a50f12784735 7173ab99859617387c9436d2cf28e1c15b032009 79767e7c4d842503298e0a1f8f7ccb305badf1b853b8445313215e02d2a79334
GET /cdn/91a2c0FNEW/static/js/vue.8c819a1a.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:51:59 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-16fc1"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 170_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/fonts/DINAlternateBold.4e108eed.ttf | 36.156.95.251 | | 77 kB |
URL 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/fonts/DINAlternateBold.4e108eed.ttf IP 36.156.95.251:0 ASN #56046 China Mobile communications corporation
File type TrueType Font data, 14 tables, 1st "GPOS", 19 names, Macintosh, Copyright (c) 1988, 1991, 2003 Linotype Library GmbH, www.linotype.com. All rights reserved.DIN Hash 4e108eed3072dea4283c213b6c912b26 b13d67a9c86962aaf2fc2f6ae28ca12f299bc01f 979a20f3fb866d2fb45b196004215ef262d987b1aa92cf4b9d1d918b6fd429c8
GET /cdn/91a2c0FNEW/static/fonts/DINAlternateBold.4e108eed.ttf HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: application/octet-stream
content-length: 76716
expires: Thu, 01 May 2025 13:57:01 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-12bac"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-cc-via: 171_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/bignemberjs.0a532bf2.js | 36.156.95.251 | 200 OK | 8.5 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/bignemberjs.0a532bf2.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type gzip compressed data, from Unix Hash 5914c3064a85ca67ef36b5ea9d9de888 9e6ebba7ceb2fd6d87e356dafcbe1a4c9d50e86f d7fcf272c08ded89de02f894c1179c577d55e4226f4f1685366a9cc327d032ba
GET /cdn/91a2c0FNEW/static/js/bignemberjs.0a532bf2.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:52:08 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-48e5"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 176_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/_extra_/api/v1/conf/get-sys-conf | 35.220.255.80 | | 246 B |
URL POST 35.220.255.80:8888/_glaxy_91a2c0_/_extra_/api/v1/conf/get-sys-conf IP 35.220.255.80:0 ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject 35.220.255.80 Fingerprint 13:36:32:12:0C:82:81:6F:C8:AC:44:F2:9E:43:FD:68:9F:04:E3:BA Validity Tue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
Hash 4d13f1e3148a70a89adcbfe5690671b6 c3451ceef227f3e8fe879cc097ef28ca44637107 a5e42b50421c75b0bfb3a2c9c6c2e73ef0c2ae6a4be0cb227f05b8f8b2040bbf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /_glaxy_91a2c0_/_extra_/api/v1/conf/get-sys-conf HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: d92c4f6bae74f63051ca8bc696fccd2a
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: 6a9b14f3aa79e6eab596712ad2759c17
v: 1.0.0
domainName: 35.220.255.80:8888
token: 6sNvgv4wu0LiB6y0TvoQsf0R9SMsYnPNAImzej3g5KTBvYRxhNaHIxfItikUmF1V2IWZLDUJv315rfZxUtuUfj3vDZ/RSOXXoEbfoqynwHnUmQdRO9j9tg==
Content-Length: 76
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:46 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Vary: Origin
X-RateLimit-Limit: 1000000
X-RateLimit-Remaining: 999997
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Authorization , Access-Control-Request-Headers, X-CSRF-TOKEN
Access-Control-Expose-Headers: Authorization, authenticated
Access-Control-Allow-Credentials: true
X-M: 190-1
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/vuex.e7ba450c.js | 36.156.95.251 | | 68 kB |
URL 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/vuex.e7ba450c.js IP 36.156.95.251:0 ASN #56046 China Mobile communications corporation
File type gzip compressed data, from Unix Hash 5a67e699976bc22d6d0a954fed67f615 fd2bb4920df515f46add1fc0c51a6d304711dc8d 6775822aa00e58726444bb3774a2ec303cd04a10cb1c409816197e4b867ea3a0
GET /cdn/91a2c0FNEW/static/js/vuex.e7ba450c.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:51:59 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-3138"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 172_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/_extra_/api/v1/promote/query-current-month-promotion-log-count | 35.220.255.80 | | 188 B |
URL 35.220.255.80:8888/_glaxy_91a2c0_/_extra_/api/v1/promote/query-current-month-promotion-log-count IP 35.220.255.80:0 ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash f9293c5f95c97e7259fe650002026fe4 c051a6ed3100f8ebe0726d4a698f79303a33af3c 5401b90174a95142c5dcb505c51e74e75709a8350047d5ee009e077973b8874a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /_glaxy_91a2c0_/_extra_/api/v1/promote/query-current-month-promotion-log-count HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: f9fceaeedc1bbf108ca372d22989a3e6
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: 4f3bacb12567d56162ecae5affcb3863
v: 1.0.0
domainName: 35.220.255.80:8888
token: 6sNvgv4wu0LiB6y0TvoQsf0R9SMsYnPNAImzej3g5KTBvYRxhNaHIxfItikUmF1V2IWZLDUJv315rfZxUtuUfj3vDZ/RSOXXoEbfoqynwHnUmQdRO9j9tg==
Content-Length: 48
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:46 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Vary: Origin
X-RateLimit-Limit: 1000000
X-RateLimit-Remaining: 999996
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Authorization , Access-Control-Request-Headers, X-CSRF-TOKEN
Access-Control-Expose-Headers: Authorization, authenticated
Access-Control-Allow-Credentials: true
X-M: 190-1
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/query/callCodes | 35.220.255.80 | 200 | 1.6 kB |
URL POST HTTP/1.1 35.220.255.80:8888/_glaxy_91a2c0_/query/callCodes IP 35.220.255.80:8888 ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject 35.220.255.80 Fingerprint 13:36:32:12:0C:82:81:6F:C8:AC:44:F2:9E:43:FD:68:9F:04:E3:BA Validity Tue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
Hash 53332616a3e5cc9d8f1cb3c94703dda6 26e0075592ea9bbc729543cfae2c376ccf5ba6b6 89c3ae962e17ec5e42c535c82e4a96b219d99107fa632ef749f9d3c76e2f9fa1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /_glaxy_91a2c0_/query/callCodes HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: 7f9aa6f5adfe5495a53688ca10ec08bf
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: 09335e7db068ce9874a2c75c593d9dd8
v: 1.0.0
domainName: 35.220.255.80:8888
token: 6sNvgv4wu0LiB6y0TvoQsf0R9SMsYnPNAImzej3g5KTBvYRxhNaHIxfItikUmF1V2IWZLDUJv315rfZxUtuUfj3vDZ/RSOXXoEbfoqynwHnUmQdRO9j9tg==
deviceId: 7b9c6871c64c0dd6bcb9b452885243b8
Content-Length: 48
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:47 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/customer/preCreateAccount | 35.220.255.80 | 200 | 101 B |
URL POST HTTP/1.1 35.220.255.80:8888/_glaxy_91a2c0_/customer/preCreateAccount IP 35.220.255.80:8888 ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject 35.220.255.80 Fingerprint 13:36:32:12:0C:82:81:6F:C8:AC:44:F2:9E:43:FD:68:9F:04:E3:BA Validity Tue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
Hash a473d069f5f716a1991bebb2337b4788 bb7d057364f4073278aa3ee67879c98939e00fa6 448b695e38fa0b8f22071b8d773e13cf74685fc4939a03f1efced290d72959c8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /_glaxy_91a2c0_/customer/preCreateAccount HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: ead252c7696b132921df8e21551270d8
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: e26bfcdefa12dfa5b5ac641a3771243e
v: 1.0.0
domainName: 35.220.255.80:8888
token: 6sNvgv4wu0LiB6y0TvoQsf0R9SMsYnPNAImzej3g5KTBvYRxhNaHIxfItikUmF1V2IWZLDUJv315rfZxUtuUfj3vDZ/RSOXXoEbfoqynwHnUmQdRO9j9tg==
deviceId: 7b9c6871c64c0dd6bcb9b452885243b8
Content-Length: 48
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:47 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/ru.182478bc.svg | 36.156.95.251 | 200 OK | 175 B |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/ru.182478bc.svg IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash 182478bcd33a12d3ac4fd828180bca2f 5b119cae412e2eb6f755fda7f075c2a4fec59877 d3186a06e97966a28552e0134f08ffd6e30fb7325bd2d8b27c235193ed24fdf1
GET /cdn/91a2c0FNEW/static/img/ru.182478bc.svg HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:47 GMT
content-type: image/svg+xml
content-length: 175
expires: Thu, 01 May 2025 13:57:03 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-af"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-cc-via: 180_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/_wms/img/_l/_banner/banner-mkt-land-page-07c7953b2cb4960c6ce39538e035762d4.jpg_.webp | 36.156.95.251 | | 173 kB |
URL 91a2c0front.studentxi.com/cdn/91a2c0FNEW/_wms/img/_l/_banner/banner-mkt-land-page-07c7953b2cb4960c6ce39538e035762d4.jpg_.webp IP 36.156.95.251:0 ASN #56046 China Mobile communications corporation
File type gzip compressed data, from Unix Size 173 kB (173162 bytes) Hash 80e9b308ca0ee27cba1460a65b17d811 057f7815d7bdbe1ed548aeac9627457efcbdd776 054d4d8e84609e1465b7f7761066a881ddfe8876f92e56b814eb707f9dc230ac
GET /cdn/91a2c0FNEW/_wms/img/_l/_banner/banner-mkt-land-page-07c7953b2cb4960c6ce39538e035762d4.jpg_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:44 GMT
content-type: image/webp
expires: Sun, 04 May 2025 20:06:25 GMT
server: nginx
last-modified: Fri, 20 Oct 2023 10:50:11 GMT
vary: Accept-Encoding
etag: W/"65325b63-2a33c"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 163_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/promotionsAmount.3351d438.png | 36.156.95.251 | | 16 kB |
URL 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/promotionsAmount.3351d438.png IP 36.156.95.251:0 ASN #56046 China Mobile communications corporation
File type gzip compressed data, from Unix Hash 4877ebc757c4e49a0884b5b86f546273 cebd9376e21afc8fe46d7a7fb5cd8650023207f8 a0f6afbe27eb852b9faaa477b3b2a443d2c26f2697da8cdf2adbabb8ee7c350e
GET /cdn/91a2c0FNEW/static/img/promotionsAmount.3351d438.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/png
expires: Thu, 01 May 2025 13:57:22 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-39d5"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 173_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/washCode.ef7163cf.png_.webp | 36.156.95.251 | | 26 kB |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/washCode.ef7163cf.png_.webp IP 36.156.95.251:0 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type gzip compressed data, from Unix Hash 7266c5be1432363d1d154b1bd8c1a3c1 1702d97b0e9efe410392290acaa9eac083ecba80 a0b9983bfed02298092182bb106c20ea727239280948c5dcb265deb704040938
GET /cdn/91a2c0FNEW/static/img/washCode.ef7163cf.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/webp
expires: Fri, 02 May 2025 13:07:33 GMT
server: nginx
last-modified: Thu, 02 May 2024 03:56:30 GMT
vary: Accept-Encoding
etag: W/"66330eee-629e"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 176_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/av.2de5cace.png_.webp | 36.156.95.251 | | 28 kB |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/av.2de5cace.png_.webp IP 36.156.95.251:0 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type gzip compressed data, from Unix Hash 11d40cbf8775b11078625027799379d5 5ecc9fc560ba55af679d112f3d3c3335eaa3ebef bfe7ed6f1aba6e4c47ee3245389d861d90a22edd2063b79ec990f0143535efd4
GET /cdn/91a2c0FNEW/static/img/av.2de5cace.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/webp
expires: Thu, 01 May 2025 14:33:11 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:55 GMT
vary: Accept-Encoding
etag: W/"662c914f-6eb6"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 172_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/2022.8ebbd91f.png_.webp | 36.156.95.251 | | 31 kB |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/2022.8ebbd91f.png_.webp IP 36.156.95.251:0 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type gzip compressed data, from Unix Hash 7c4b7b5c6dcd5d75fef154a7820f05e7 c02e8bff87d48e6dcfda4372b11620762cc85ef3 50ebc08aecdad06e98cdde1912028ee9a1948c64cbf31a5fc10b36a32e89ee53
GET /cdn/91a2c0FNEW/static/img/2022.8ebbd91f.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/webp
expires: Thu, 01 May 2025 13:57:21 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:55 GMT
vary: Accept-Encoding
etag: W/"662c914f-7902"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 169_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/yijia.7029a581.png_.webp | 36.156.95.251 | | 24 kB |
URL 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/yijia.7029a581.png_.webp IP 36.156.95.251:0 ASN #56046 China Mobile communications corporation
File type gzip compressed data, from Unix Hash 39836ab1ddf0f6f8a4c8e7996dda5b71 6548b023ef76c84adceece2586ea86423e4d4869 e14eae0a9573d1b94c44812eaeff102f47b2908135622dc4fb96a44200b3ffdb
GET /cdn/91a2c0FNEW/static/img/yijia.7029a581.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/webp
expires: Thu, 01 May 2025 13:57:21 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:55 GMT
vary: Accept-Encoding
etag: W/"662c914f-5b64"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 175_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/jackpot.edf9c392.png_.webp | 36.156.95.251 | | 34 kB |
URL: GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/jackpot.edf9c392.png_.webp
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate Issuer: Sectigo Limited
Certificate Subject: *.studentxi.com
Certificate Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE
Certificate Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 7b45ab65ba28088222d123b1bfc9c7e0 4323d062f03a281234d1f7efc7cd9de3750dd538 617f8f19bc714a07a87d614e648b12f0c4ef041136a3c5bc10cb969f7f34aa96
GET /cdn/91a2c0FNEW/static/img/jackpot.edf9c392.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/webp
expires: Thu, 01 May 2025 14:08:41 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-8310"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 173_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/app.512f825d.js | 36.156.95.251 | | 118 kB |
URL: 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/app.512f825d.js
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
File type: gzip compressed data, from Unix
Size: 118 kB (118325 bytes)
Hash: ad2951789dc23d96bfe5ec3be102d377 46a772296efb1657b8afee4460d952f085e04271 504d6d028659653eedde7defd42998e10a6de3a2bb80a701f63e1b61320be391
GET /cdn/91a2c0FNEW/static/js/app.512f825d.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Sat, 03 May 2025 10:43:52 GMT
server: nginx
last-modified: Fri, 03 May 2024 07:05:16 GMT
vary: Accept-Encoding
etag: W/"66348cac-5002b"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 180_yd-jiangsu-nanjing-17-cache-2[H,4]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/vn.44c0954e.svg | 36.156.95.251 | 200 OK | 458 B |
URL: GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/vn.44c0954e.svg
IP: 36.156.95.251:443
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate Issuer: Sectigo Limited
Certificate Subject: *.studentxi.com
Certificate Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE
Certificate Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 44c0954e79163c9d2ad311429c6cb049 e8b990c8d8b5c2c804c81c968dbeb65033e29aaf 893b24ea38e9187b0caf4bbb787b525487931bb7401020f70ab36018f1e64bae
GET /cdn/91a2c0FNEW/static/img/vn.44c0954e.svg HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:47 GMT
content-type: image/svg+xml
content-length: 458
expires: Thu, 01 May 2025 13:57:04 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:55 GMT
etag: "662c914f-1ca"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-cc-via: 176_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/cn.c40591ea.svg | 36.156.95.251 | 200 OK | 531 B |
URL: GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/cn.c40591ea.svg
IP: 36.156.95.251:443
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate Issuer: Sectigo Limited
Certificate Subject: *.studentxi.com
Certificate Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE
Certificate Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: c40591ea8ab99866733b24a433e6bfe1 2ca8bdb8c7d4c06a9b4247e7a23eb763bf166633 6bc6696ff46f1a326f162c12d4064d679076b81b206afc5e8e64a1126032e33b
GET /cdn/91a2c0FNEW/static/img/cn.c40591ea.svg HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:47 GMT
content-type: image/svg+xml
content-length: 531
expires: Sun, 04 May 2025 20:14:45 GMT
server: nginx
last-modified: Fri, 03 May 2024 07:05:15 GMT
etag: "66348cab-213"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-cc-via: 163_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-c487d2a0.66bf3ff5.css | 36.156.95.251 | 200 OK | 3.1 kB |
URL: GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-c487d2a0.66bf3ff5.css
IP: 36.156.95.251:443
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate Issuer: Sectigo Limited
Certificate Subject: *.studentxi.com
Certificate Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE
Certificate Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: b3d9c702d31105ff55e8dc7a29155e51 a9caf787027403adcb42b0eba12b971b73bc077a 24e3419eaef75ac49cd29b78d6c4c60dd5bbd64ff8991c4db32b92d020e78290
GET /cdn/91a2c0FNEW/static/css/chunk-c487d2a0.66bf3ff5.css HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: text/css
expires: Thu, 01 May 2025 13:56:23 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-21d3"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 176_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d21d159.a0a42f6b.js | 36.156.95.251 | 200 OK | 69 kB |
URL: GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d21d159.a0a42f6b.js
IP: 36.156.95.251:443
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate Issuer: Sectigo Limited
Certificate Subject: *.studentxi.com
Certificate Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE
Certificate Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: dd72191aa2b8e0109404bf36aeeb05e8 34c50373e3e0a8a3eddee482109b9d494a967104 e23684e7512025d301f414b28ef8cb84dedf59ff0e9b60d24fb24188f856131d
GET /cdn/91a2c0FNEW/static/js/chunk-2d21d159.a0a42f6b.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:53:37 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-1ff0c"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 174_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/close.77b21dce.png | 36.156.95.251 | | 3.1 kB |
URL: GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/close.77b21dce.png
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate Issuer: Sectigo Limited
Certificate Subject: *.studentxi.com
Certificate Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE
Certificate Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: eec7b6166e56fd687444d63747b40906 4aa6f0ce4bf6b5c6c63c1b401f88e9b1c101ddd7 84fa5ee83d8b8dd96dd042da463a3e7e1dcc001af064aee7191ac075060205c7
GET /cdn/91a2c0FNEW/static/img/close.77b21dce.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/png
expires: Thu, 01 May 2025 13:57:22 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:55 GMT
vary: Accept-Encoding
etag: W/"662c914f-c72"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 178_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/liveChatAddressOCSS | 35.220.255.80 | | 332 B |
URL: 35.220.255.80:8888/_glaxy_91a2c0_/liveChatAddressOCSS
IP: 35.220.255.80:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash: 7f69d43d4330658feebcc36c23ae79a6 26bf76545f36b9b96623a9e368f0768a7d6170b6 e5208ad2652254fff6782fef52a9d4ba1b334ead4a9a5ebabe399b261dc1068b
Analyzer: Quad9 DNS
Verdict: malicious
Alert: Sinkholed
POST /_glaxy_91a2c0_/liveChatAddressOCSS HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: 353984d3e6150ff7647273fbdb8d5cc2
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: 874902efd73a469b2395bd91e6bce8fa
v: 1.0.0
domainName: 35.220.255.80:8888
token: 6sNvgv4wu0LiB6y0TvoQsf0R9SMsYnPNAImzej3g5KTBvYRxhNaHIxfItikUmF1V2IWZLDUJv315rfZxUtuUfj3vDZ/RSOXXoEbfoqynwHnUmQdRO9j9tg==
deviceId: 7b9c6871c64c0dd6bcb9b452885243b8
Content-Length: 48
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:48 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/areaLimitV2 | 35.220.255.80 | | 108 B |
URL: 35.220.255.80:8888/_glaxy_91a2c0_/areaLimitV2
IP: 35.220.255.80:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash: 7d915e4d5c29047ae8bdb5f9913285a2 a539cdbb05606dc848f401698b90aedcb3f66553 e7400cf77653940e94a119aaa748f8e9b12529465ba27fd806bb5be108986b1a
Analyzer: Quad9 DNS
Verdict: malicious
Alert: Sinkholed
POST /_glaxy_91a2c0_/areaLimitV2 HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: 806366339d7e41742b486ae145f90ad7
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: 1fe7f8aa0791ccf966069281da4f15e3
v: 1.0.0
domainName: 35.220.255.80:8888
token: 6sNvgv4wu0LiB6y0TvoQsf0R9SMsYnPNAImzej3g5KTBvYRxhNaHIxfItikUmF1V2IWZLDUJv315rfZxUtuUfj3vDZ/RSOXXoEbfoqynwHnUmQdRO9j9tg==
deviceId: 7b9c6871c64c0dd6bcb9b452885243b8
Content-Length: 48
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:48 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/au.e875a51e.svg | 36.156.95.251 | 200 OK | 4.3 kB |
URL: GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/au.e875a51e.svg
IP: 36.156.95.251:443
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate Issuer: Sectigo Limited
Certificate Subject: *.studentxi.com
Certificate Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE
Certificate Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 8a2023c4e5951e5243961a3ba2ac4dc6 ca727e9d92792d2746081ef7004b053c7e5aa76b fb70cc1fdf04ce05c6be233771a6633a048a5ffe9ebba7e696585049944e96e1
GET /cdn/91a2c0FNEW/static/img/au.e875a51e.svg HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:47 GMT
content-type: image/svg+xml
expires: Fri, 02 May 2025 03:02:43 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-51d"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-cc-via: 175_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/mint.f7832ba6.js | 36.156.95.251 | | 54 kB |
URL: 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/mint.f7832ba6.js
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
File type: gzip compressed data, from Unix
Hash: 4e378190115f8cdbc1a14e9062d1ef8f 3548cbeac74a8388fc7b2f918be8990073291fb5 cdc432c91977125bba7eb80f476de7c486a224e241bc62c597efbae50c97d3ba
GET /cdn/91a2c0FNEW/static/js/mint.f7832ba6.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:54:16 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-75f6"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 166_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d2165d2.4608909c.js | 36.156.95.251 | | 620 B |
URL: 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d2165d2.4608909c.js
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
File type: JavaScript source, ASCII text, with very long lines (620), with no line terminators
Hash: aafdb936cec875e4b4429477c19cf554 b930e69c627ae91671a5c7124a25f553d6c63c73 1550eabacd3d1e411da92e425fab132e3037ad60c6c90598f125e3c3ba261822
GET /cdn/91a2c0FNEW/static/js/chunk-2d2165d2.4608909c.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 620
expires: Thu, 01 May 2025 14:13:00 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-26c"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
vary: Accept-Encoding
x-cc-via: 162_yd-jiangsu-nanjing-17-cache-2[H,4]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-1a540c70.c02ed846.css | 36.156.95.251 | | 1.5 kB |
URL: 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-1a540c70.c02ed846.css
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
File type: gzip compressed data, from Unix
Hash: cdab133f135941cf410623beec978901 5d546253163e124ee87ef36c4bed8f0d4296c12d 228858e780cb6c0933368ab9b0211d11accab1071afc29d0235a0adc6908785e
GET /cdn/91a2c0FNEW/static/css/chunk-1a540c70.c02ed846.css HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:48 GMT
content-type: text/css
expires: Thu, 01 May 2025 14:00:19 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-1e40"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 161_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/_extra_/api/v1/domain-info | 35.220.255.80 | | 197 B |
URL: 35.220.255.80:8888/_glaxy_91a2c0_/_extra_/api/v1/domain-info
IP: 35.220.255.80:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash: 15e0737a916d2c39c68cb0e24d2768f3 f91ba62cac3105f49a4dadd6abde56cf17891190 68cbbc26eb8df110b18905a4debd2bffaa138403d968950e9e3393764d780260
Analyzer: Quad9 DNS
Verdict: malicious
Alert: Sinkholed
POST /_glaxy_91a2c0_/_extra_/api/v1/domain-info HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: 8854da88b5c177f1ac446a21a81b2336
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: 018a47b58e57c9f0dbc019589d8cf95a
v: 1.0.0
domainName: 35.220.255.80:8888
token: 6sNvgv4wu0LiB6y0TvoQsf0R9SMsYnPNAImzej3g5KTBvYRxhNaHIxfItikUmF1V2IWZLDUJv315rfZxUtuUfj3vDZ/RSOXXoEbfoqynwHnUmQdRO9j9tg==
Content-Length: 70
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:49 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Vary: Origin
X-RateLimit-Limit: 1000000
X-RateLimit-Remaining: 999991
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Authorization , Access-Control-Request-Headers, X-CSRF-TOKEN
Access-Control-Expose-Headers: Authorization, authenticated
Access-Control-Allow-Credentials: true
X-M: 190-1
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d21b0f9.2deea854.js | 36.156.95.251 | | 623 B |
URL: 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d21b0f9.2deea854.js
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
File type: JavaScript source, ASCII text, with very long lines (623), with no line terminators
Hash: 8157a6980a94279cb5e0f7e06421fa3d 27d27d224f505e5827ecfdf228764e206604f0cd d79d436e8d00503d934a8f034cf6d3432ed938c0cd370a5ec4bfa70a561dc1a8
GET /cdn/91a2c0FNEW/static/js/chunk-2d21b0f9.2deea854.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 623
expires: Thu, 01 May 2025 14:08:55 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-26f"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
vary: Accept-Encoding
x-cc-via: 169_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/kh.b3dadd9f.svg | 36.156.95.251 | 200 OK | 7.1 kB |
URL: GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/kh.b3dadd9f.svg
IP: 36.156.95.251:443
ASN: #56046 China Mobile communications corporation
Requested by: https://35.220.255.80:8888/MktLand
Certificate Issuer: Sectigo Limited
Certificate Subject: *.studentxi.com
Certificate Fingerprint: CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE
Certificate Validity: Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 2c51e54d19c9192196e753e18b4e7415 0577993815dba3bf08956f24a995f73a4f812cf3 8f40ba36ec481eafe549b0e6c8303c2161f5c29cc0add02bfc3dfc7d828f5f9d
GET /cdn/91a2c0FNEW/static/img/kh.b3dadd9f.svg HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:47 GMT
content-type: image/svg+xml
expires: Fri, 02 May 2025 13:56:52 GMT
server: nginx
last-modified: Thu, 02 May 2024 03:56:29 GMT
etag: "66330eed-3353"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-cc-via: 176_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
URL: zerossl.ocsp.sectigo.com/
IP: 172.64.149.23:0
Hash: 25a8c5f3759a75b1e29c8ec503939d82 524aa4f5bb9e27b2dcd42018ee444e068eb19489 fbb879dafcf57122eee72e7837df38cee375733ec32df04512a8be813487646d
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 21:16:50 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Wed, 01 May 2024 18:33:56 GMT
Expires: Wed, 08 May 2024 18:33:55 GMT
Etag: "524aa4f5bb9e27b2dcd42018ee444e068eb19489"
Cache-Control: max-age=335224,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87eb839c5c1f568b-OSL
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/captcha/generateSlider | 35.220.255.80 | | 153 kB |
URL: POST 35.220.255.80:8888/_glaxy_91a2c0_/captcha/generateSlider
IP: 35.220.255.80:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://35.220.255.80:8888/MktLand
Size: 153 kB (152821 bytes)
Hash: 110b461b2591c82d567738d7e4070fca b6297cc60130bb110c4a30801238618759f8e3cd fd7a835f36def7ae190414f0423340351494016e20f18b8f8f22b0c87371d61c
Analyzer: Quad9 DNS
Verdict: malicious
Alert: Sinkholed
POST /_glaxy_91a2c0_/captcha/generateSlider HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: 7867ce8a5f6be244c092fdb2b27bc201
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: e3d310302ef001c2cbdde5dd69e00960
v: 1.0.0
domainName: 35.220.255.80:8888
token: 6sNvgv4wu0LiB6y0TvoQsf0R9SMsYnPNAImzej3g5KTBvYRxhNaHIxfItikUmF1V2IWZLDUJv315rfZxUtuUfj3vDZ/RSOXXoEbfoqynwHnUmQdRO9j9tg==
deviceId: 7b9c6871c64c0dd6bcb9b452885243b8
Content-Length: 48
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:49 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
URL: zerossl.ocsp.sectigo.com/
IP: 172.64.149.23:0
Hash: b802397d0c898bdfc454e9bc06b2600f b6be5dd2a1d0be82a440238de69fa1754de95b8c fa3044ec1d51123cc7b49cd866567128d8f3f05ca3a49e6e76132b32e1e303c2
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 21:16:50 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 03 May 2024 20:12:08 GMT
Expires: Fri, 10 May 2024 20:12:07 GMT
Etag: "b6be5dd2a1d0be82a440238de69fa1754de95b8c"
Cache-Control: max-age=513916,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87eb839cbc8b568b-OSL
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
URL: zerossl.ocsp.sectigo.com/
IP: 172.64.149.23:0
Hash: 2575ff9e7dda4ca1fd05cbb3ded17574 322bddd18143e19ef027d1b5beb6c9bedab43c2d 98c9da2a67228e3fe57348739d41614ec952dec6b360d90e37ff6c4df7e03736
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 21:16:50 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 02 May 2024 19:03:11 GMT
Expires: Thu, 09 May 2024 19:03:10 GMT
Etag: "322bddd18143e19ef027d1b5beb6c9bedab43c2d"
Cache-Control: max-age=423628,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87eb839db9fa569d-OSL
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-3ff14c22.4467f063.js | 36.156.95.251 | | 2.6 kB |
URL: 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-3ff14c22.4467f063.js
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
File type: gzip compressed data, from Unix
Hash: 4fde90c41b8d93ef8052ab8abe497c3a 8f99e598f644110559d05a92c65fe10555e30c6c 31e87eeac13c17b7309dd23fd56f1ab4a8d61da73c4ee3a9c87413cd0cdbba0b
GET /cdn/91a2c0FNEW/static/js/chunk-3ff14c22.4467f063.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:48 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 21:19:50 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-1a60"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 180_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-3ff14c22.13a0e2e0.css | 36.156.95.251 | | 2.9 kB |
URL: 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-3ff14c22.13a0e2e0.css
IP: 36.156.95.251:0
ASN: #56046 China Mobile communications corporation
File type: gzip compressed data, from Unix
Hash: 0751e0a77d667f8d2b78633bcca99e2f ae6ad3e45bb8ec6e79e0d21ffc194cc0b0f147f3 2accc8e65d7b3a5c5211d331f1f359f7f75d9d6cb7465da18ff4a0b893b26148
GET /cdn/91a2c0FNEW/static/css/chunk-3ff14c22.13a0e2e0.css HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:48 GMT
content-type: text/css
expires: Thu, 01 May 2025 14:00:18 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-2e0c"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 176_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
URL zerossl.ocsp.sectigo.com/ IP172.64.149.23:0
Hash291e2b22634671dcc12fcda27b4b9756 a6aadb95d1daac831cca10e3cb8be5b1cfc963d0 07546281959ccfdc91dbcaab2e11e6bbfde8613400d9c6e22bdd4acec9e652eb
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 21:16:50 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 02 May 2024 08:19:21 GMT
Expires: Thu, 09 May 2024 08:19:20 GMT
Etag: "a6aadb95d1daac831cca10e3cb8be5b1cfc963d0"
Cache-Control: max-age=384997,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87eb839f9cd5569d-OSL
|
|
| 34.150.67.86:9488/im/img/speedtest.png | 34.150.67.86 | | 68 B |
URL 34.150.67.86:9488/im/img/speedtest.png IP34.150.67.86:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced Hash5df0ac2d51cfecbde35e8dd1ba3a8d77 ddc1e762b7967d23fa54ff68287df7b733670ab1 260865134b6e69ca7bafa9e8ddcd59fb6ffbf727f50a3d2dd186d217c8c79694
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /im/img/speedtest.png HTTP/1.1
Host: 34.150.67.86:9488
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Sat, 04 May 2024 21:16:50 GMT
Content-Type: image/png
Content-Length: 68
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Last-Modified: Tue, 23 Apr 2024 07:40:11 GMT
Accept-Ranges: bytes
Set-Cookie: NSC_JOepv445eexgvs3d4q02jychxhigcdP=ffffffff09d4187a45525d5f4f58455e445a4a421488;Version=1;Max-Age=1800;path=/;httponly
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
URL zerossl.ocsp.sectigo.com/ IP172.64.149.23:0
Hash3f3b689703884341cb1d1b3c79462ca0 8c95d258dbdac2cadff637eca1867b766c5996ba d389e4ac399a28c509dd7551e8f372a0c2cc81acaf8841e6357cbc1805dc0dcc
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 21:16:50 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 02 May 2024 23:13:34 GMT
Expires: Thu, 09 May 2024 23:13:33 GMT
Etag: "8c95d258dbdac2cadff637eca1867b766c5996ba"
Cache-Control: max-age=438921,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87eb83a088d8568b-OSL
|
|
| k822222.com/domain_status/ | 118.107.254.196 | | 36 B |
URL k822222.com/domain_status/ IP118.107.254.196:0 ASN#132825 MYTEK TRADING PTY LTD
File typeASCII text, with no line terminators Hash4977d82ef976db90038cd395ad4cd149 19c572873038b975d0b97cecf5ae0c26b98f9fcd 444c598a2348c3d26ac20f07ca058688b160ae406703515612bb7de9d9118e3b
GET /domain_status/ HTTP/1.1
Host: k822222.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:50 GMT
content-type: text/html; charset=utf-8
content-length: 36
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-remote-addr: 91.90.42.154
x-forwarded-port: 443
http-geo-ipcountry: NO
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| viplc88.com/domain_status/ | 103.250.4.82 | | 36 B |
URL viplc88.com/domain_status/ IP103.250.4.82:0 ASN#132825 MYTEK TRADING PTY LTD
File typeASCII text, with no line terminators Hash4977d82ef976db90038cd395ad4cd149 19c572873038b975d0b97cecf5ae0c26b98f9fcd 444c598a2348c3d26ac20f07ca058688b160ae406703515612bb7de9d9118e3b
GET /domain_status/ HTTP/1.1
Host: viplc88.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:50 GMT
content-type: text/html; charset=utf-8
content-length: 36
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
timing-allow-origin: *
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-remote-addr: 91.90.42.154
x-forwarded-port: 443
http-geo-ipcountry: NO
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-028d0f58.e80a3c83.js | 36.156.95.251 | | 4.4 kB |
URL 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-028d0f58.e80a3c83.js IP36.156.95.251:0 ASN#56046 China Mobile communications corporation
File typegzip compressed data, from Unix Hashcc81f8b03c205608cc6015ed62263e95 40f39cc4743bd4bb69dd1fa51afb244417225bc5 d59df0dad3ab9f1966c2f3efa79ba418426ff116fd06e4aa771d565fd7848d82
GET /cdn/91a2c0FNEW/static/js/chunk-028d0f58.e80a3c83.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:48 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 14:05:25 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-288c"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 175_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
URL zerossl.ocsp.sectigo.com/ IP172.64.149.23:0
Hashd38470c7bf97419b5e0befc166c52f2d b7d9b76d3772afbd0651eab00f5309cfe6b172cd 3c1460b7143b17dac5a621d16d105fcdaf10b3f3a6237f6a0ca28dedbc63f062
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 21:16:50 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 03 May 2024 08:13:15 GMT
Expires: Fri, 10 May 2024 08:13:14 GMT
Etag: "b7d9b76d3772afbd0651eab00f5309cfe6b172cd"
Cache-Control: max-age=470783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87eb83a189be568b-OSL
|
|
| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
URL zerossl.ocsp.sectigo.com/ IP172.64.149.23:0
Hashef21576e0b3fd4e501aafbab8c6027b3 93a03ce32ee71b7f655402b4a18bb13f6a74eb17 0c3fe04d44c3d52fa0c8970409b5e622bf11734eaabf070b9f55b18ba9130054
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 21:16:51 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Thu, 02 May 2024 22:28:02 GMT
Expires: Thu, 09 May 2024 22:28:01 GMT
Etag: "93a03ce32ee71b7f655402b4a18bb13f6a74eb17"
Cache-Control: max-age=435669,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87eb83a2983b569d-OSL
|
|
| t.cloveorcloud.world/im/img/speedtest.png | 103.250.4.13 | | 68 B |
URL t.cloveorcloud.world/im/img/speedtest.png IP103.250.4.13:0 ASN#132825 MYTEK TRADING PTY LTD
File typePNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced Hash5df0ac2d51cfecbde35e8dd1ba3a8d77 ddc1e762b7967d23fa54ff68287df7b733670ab1 260865134b6e69ca7bafa9e8ddcd59fb6ffbf727f50a3d2dd186d217c8c79694
GET /im/img/speedtest.png HTTP/1.1
Host: t.cloveorcloud.world
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:51 GMT
content-type: image/png
content-length: 68
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
last-modified: Tue, 23 Apr 2024 07:40:11 GMT
expires: Sat, 04 May 2024 21:26:51 GMT
cache-control: max-age=600
strict-transport-security: max-age=31536000; includeSubDomains
x-proxy-cache: HIT
x-remote-addr: 91.90.42.154
x-forwarded-port: 443
http-geo-ipcountry: NO
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ips2.io/ws?&appId=E2110C2DC886499B9C8E18A4DCECADD4 | 118.107.254.193 | | 0 B |
URL ips2.io/ws?&appId=E2110C2DC886499B9C8E18A4DCECADD4 IP118.107.254.193:0 ASN#132825 MYTEK TRADING PTY LTD
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws?&appId=E2110C2DC886499B9C8E18A4DCECADD4 HTTP/1.1
Host: ips2.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://35.220.255.80:8888
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gR31XkDFC1dO+o69dSLYjQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sat, 04 May 2024 21:16:51 GMT
Content-Type: text/html; charset=utf-8
Connection: upgrade
Set-Cookie: route=dc72bbec9292a35923acc16e84b8740fcd721a40; Domain=ips2.bawinx.com; Path=/; HttpOnly
Upgrade: websocket
Sec-WebSocket-Accept: jCV+Q0MxhHVO+lpjsJx5S/wuz2Y=
Strict-Transport-Security: max-age=31536000; includeSubDomains
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/chenxiaochun.badfea7d.png_.webp | 36.156.95.251 | | 93 kB |
URL 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/chenxiaochun.badfea7d.png_.webp IP36.156.95.251:0 ASN#56046 China Mobile communications corporation
File typegzip compressed data, from Unix Hash6aee51333dab54a011caa160073ea61d 288a9e8a48f58daf354eaa940bbf7e9918f6c5e8 d676000a51ba7945d9b4cd61c67e0a2fae93c9bb427ac7984a3ebdddf4196b3f
GET /cdn/91a2c0FNEW/static/img/chenxiaochun.badfea7d.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/webp
expires: Fri, 02 May 2025 13:33:49 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:55 GMT
vary: Accept-Encoding
etag: W/"662c914f-16c28"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 162_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 34.96.197.76:9488/im/0lv0i8.html?appType=1&domainName=35.220.255.80%3A8888 | 34.96.197.76 | | 38 kB |
URL 34.96.197.76:9488/im/0lv0i8.html?appType=1&domainName=35.220.255.80%3A8888 IP34.96.197.76:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators Hashe1b7802599400effcc57cb859f5b6d67 1bb96dc231c8fa540f36b596dc9e9a6a335e2926 9c1e587a257224e52fa5b7e18a12a9037a151c7d67789bb259dff5e24f4edd02
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /im/0lv0i8.html?appType=1&domainName=35.220.255.80%3A8888 HTTP/1.1
Host: 34.96.197.76:9488
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Sat, 04 May 2024 21:16:50 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Language: zh-CN
Set-Cookie: JSESSIONID=56DEDC029CA6D30A6A55847520C52257; Path=/; Secure; HttpOnly
Set-Cookie: NSC_JOepv445eexgvs3d4q02jychxhigcdP=ffffffff09d418c345525d5f4f58455e445a4a421488;Version=1;Max-Age=1800;path=/;httponly
Content-Encoding: gzip
|
|
| 34.96.197.76:9488/im/img/expand@3x.png | 34.96.197.76 | | 1.5 kB |
URL 34.96.197.76:9488/im/img/expand@3x.png IP34.96.197.76:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 45 x 45, 8-bit/color RGBA, interlaced Hash4dbe91ce974b3fd0e4405da6425bfb1a 1978058d5d4e8134db1e1dae6588f75198dca473 572cd5cecbfc3e80215b0d2b5efdae39b7eb72863f061578549099ad3d8375fa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /im/img/expand@3x.png HTTP/1.1
Host: 34.96.197.76:9488
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Sat, 04 May 2024 21:16:51 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 07:40:11 GMT
Set-Cookie: NSC_JOepv445eexgvs3d4q02jychxhigcdP=ffffffff09d418c345525d5f4f58455e445a4a421488;Version=1;Max-Age=1800;path=/;httponly
Content-Encoding: gzip
|
|
| 34.96.197.76:9488/im/img/minimize@3x.png | 34.96.197.76 | | 358 B |
URL 34.96.197.76:9488/im/img/minimize@3x.png IP34.96.197.76:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 48 x 9, 8-bit/color RGBA, interlaced Hashf9087a87cf44f72975de55ec2db5380f cd1db022801b48d92ccd788e06100f1907137a59 ccf9e2bb846f6b516ee3df34ecf75dd3a673047d57ba1a44ce406c5d2046a2bd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /im/img/minimize@3x.png HTTP/1.1
Host: 34.96.197.76:9488
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Sat, 04 May 2024 21:16:51 GMT
Content-Type: image/png
Content-Length: 358
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Tue, 23 Apr 2024 07:40:11 GMT
Accept-Ranges: bytes
Set-Cookie: NSC_JOepv445eexgvs3d4q02jychxhigcdP=ffffffff09d4187a45525d5f4f58455e445a4a421488;Version=1;Max-Age=1800;path=/;httponly
|
|
| www.tulsaroughnecks.com/uploads/css/css/style1.css | 38.207.232.196 | 200 OK | 116 kB |
URL GET HTTP/2 www.tulsaroughnecks.com/uploads/css/css/style1.css IP38.207.232.196:443
Requested byhttps://www.tulsaroughnecks.com/ CertificateIssuerLet's Encrypt Subjecttulsaroughnecks.com Fingerprint4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79 ValiditySun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
Size116 kB (116262 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/css/css/style1.css HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:35 GMT
content-type: text/css
last-modified: Sat, 26 Feb 2022 04:07:57 GMT
vary: Accept-Encoding
etag: W/"6219a79d-1c626"
expires: Sun, 05 May 2024 09:16:35 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/agIcon.a073cd2e.png | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/agIcon.a073cd2e.png IP0.0.0.0:0
Requested byhttps://35.220.255.80:8888/MktLand CertificateIssuerSectigo Limited Subject*.studentxi.com FingerprintCA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE ValidityMon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/agIcon.a073cd2e.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/png
expires: Fri, 02 May 2025 13:07:29 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-b8cc"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 174_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/imAppTitle.ca282a68.png | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/imAppTitle.ca282a68.png IP0.0.0.0:0
Requested byhttps://35.220.255.80:8888/MktLand CertificateIssuerSectigo Limited Subject*.studentxi.com FingerprintCA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE ValidityMon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/imAppTitle.ca282a68.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/png
expires: Thu, 01 May 2025 14:04:26 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-2ea1"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 168_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-Z5NKFLZGBH | 142.250.74.168 | 200 OK | 299 kB |
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-Z5NKFLZGBH IP142.250.74.168:443
Requested byhttps://www.tulsaroughnecks.com/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Size299 kB (299265 bytes) Hasha91f4d184cc41f22325dc8f11b1c46b1 14cfca81ac37cc935272e24f30c2076d28fb867f 039fd9d50228d14e1d0258edbee5212b48ae15250483ed7ed7988a63af188525
GET /gtag/js?id=G-Z5NKFLZGBH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 21:16:36 GMT
expires: Sat, 04 May 2024 21:16:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/util.366e2dea.js | 36.156.95.251 | 200 OK | 102 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/util.366e2dea.js IP36.156.95.251:443 ASN#56046 China Mobile communications corporation
Requested byhttps://35.220.255.80:8888/MktLand CertificateIssuerSectigo Limited Subject*.studentxi.com FingerprintCA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE ValidityMon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Size102 kB (102254 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/js/util.366e2dea.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Sat, 03 May 2025 10:43:41 GMT
server: nginx
last-modified: Fri, 03 May 2024 07:05:16 GMT
vary: Accept-Encoding
etag: W/"66348cac-18f6e"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 169_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-361366ae.9182df3b.css | 36.156.95.251 | 200 OK | 1.2 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-361366ae.9182df3b.css IP36.156.95.251:443 ASN#56046 China Mobile communications corporation
Requested byhttps://35.220.255.80:8888/MktLand CertificateIssuerSectigo Limited Subject*.studentxi.com FingerprintCA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE ValidityMon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File typeASCII text, with very long lines (1175), with no line terminators Hashd312992647f20cf29ace2c66c90d27ef 7b17c90b6cc35831b408b21c9bdb7d3cce971bbe d8cd44f6105d2f62c56a03a739744c4e583ff58467150b0cecb9c4b38ea77177
GET /cdn/91a2c0FNEW/static/css/chunk-361366ae.9182df3b.css HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: text/css
expires: Thu, 01 May 2025 21:18:35 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-497"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 175_yd-jiangsu-nanjing-17-cache-2[H,4]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/send88.32b9040a.png | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/send88.32b9040a.png IP0.0.0.0:0
Requested byhttps://35.220.255.80:8888/MktLand CertificateIssuerSectigo Limited Subject*.studentxi.com FingerprintCA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE ValidityMon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/send88.32b9040a.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/png
expires: Thu, 01 May 2025 14:05:19 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-1078"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 168_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0b9d2b.70bdc10f.js | 36.156.95.251 | 200 OK | 1.5 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0b9d2b.70bdc10f.js IP36.156.95.251:443 ASN#56046 China Mobile communications corporation
Requested byhttps://35.220.255.80:8888/MktLand CertificateIssuerSectigo Limited Subject*.studentxi.com FingerprintCA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE ValidityMon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File typeASCII text, with very long lines (1579), with no line terminators Hash3ccedde26fc9cdfd3cd871ba938240ee f5c6fdd4002039cfbc1158c9fe8f63e5bcdd5d26 440986db62fbdad7c300797dc70c7fd494e5f138d24b4759b06babc79c143ab7
GET /cdn/91a2c0FNEW/static/js/chunk-2d0b9d2b.70bdc10f.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:57:03 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-60b"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 178_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/chess.beac1784.png_.webp | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/chess.beac1784.png_.webp IP0.0.0.0:0
Requested byhttps://35.220.255.80:8888/MktLand CertificateIssuerSectigo Limited Subject*.studentxi.com FingerprintCA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE ValidityMon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/chess.beac1784.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/webp
expires: Thu, 01 May 2025 13:57:21 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-3fd0"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 166_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 35.220.255.80:8888/MktLand | 35.220.255.80 | 200 OK | 10 kB |
URL GET HTTP/1.1 35.220.255.80:8888/MktLand IP35.220.255.80:8888 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.tulsaroughnecks.com/ CertificateIssuerSectigo Limited Subject35.220.255.80 Fingerprint13:36:32:12:0C:82:81:6F:C8:AC:44:F2:9E:43:FD:68:9F:04:E3:BA ValidityTue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (9993), with no line terminators Hash1919954eb51808f7ed34054e43d3dc1a 672a6655b13102101456943680a094c90a0b6e8a 6822a525c1b04ead372ec16c9e8dabbe9f092663f92fb93c470136f88e474427
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /MktLand HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:37 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 03 May 2024 10:43:23 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"6634bfcb-27ad"
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/elementUi.3dd23215.css | 36.156.95.251 | 200 OK | 57 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/elementUi.3dd23215.css IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type ASCII text, with very long lines (57108), with no line terminators Hash 05a46b811629849ab976554dd8334890 f45ca87bc821a8dafb21c987a367327e25e08f5f 7989c718adb13b31bbe33f1f49561748e041579aefcee0453bc7804d413942fa
GET /cdn/91a2c0FNEW/static/css/elementUi.3dd23215.css HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: text/css
expires: Thu, 01 May 2025 13:56:17 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-df14"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 178_yd-jiangsu-nanjing-17-cache-2[H,4]
X-Firefox-Spdy: h2
|
|
| 35.220.255.80:8888/_glaxy_91a2c0_/_extra_/api/get-client-ip | 35.220.255.80 | 200 OK | 176 B |
URL POST HTTP/1.1 35.220.255.80:8888/_glaxy_91a2c0_/_extra_/api/get-client-ip IP 35.220.255.80:8888 ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject 35.220.255.80 Fingerprint 13:36:32:12:0C:82:81:6F:C8:AC:44:F2:9E:43:FD:68:9F:04:E3:BA Validity Tue, 31 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with no line terminators Hash 1ff036302c56c81e19569517ec6f3927 c3b645d97e8da5ce6b095207958c22f963efa264 783cfeadecf4ab0721042bc272762c7a38b4003d54e10ed5988552c6c06e3109
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /_glaxy_91a2c0_/_extra_/api/get-client-ip HTTP/1.1
Host: 35.220.255.80:8888
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Sign: 975f8dc70183265bed2f3023719300fb
AppId: E2110C2DC886499B9C8E18A4DCECADD4
Qid: 6cb2d892665388fcac8caa1ff72a223f
v: 1.0.0
domainName: 35.220.255.80
Content-Length: 48
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/MktLand
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 04 May 2024 21:16:44 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Vary: Origin
X-RateLimit-Limit: 1000000
X-RateLimit-Remaining: 999999
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Authorization , Access-Control-Request-Headers, X-CSRF-TOKEN
Access-Control-Expose-Headers: Authorization, authenticated
Access-Control-Allow-Credentials: true
X-M: 190-1
magic_string: 178aa526b36126fd25b8d3446d0c1d25
servers: Tengine/1.15.1
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *, *
|
|
| www.tulsaroughnecks.com/js/bodymovin.js | 38.207.232.196 | 200 OK | 295 kB |
URL GET HTTP/2 www.tulsaroughnecks.com/js/bodymovin.js IP 38.207.232.196:443
Requested by https://www.tulsaroughnecks.com/Year_by_Year.html Certificate Issuer Let's Encrypt Subject tulsaroughnecks.com Fingerprint 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79 Validity Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators Size 295 kB (295066 bytes) Hash a6919f5d3328c626b49d752d237bcaa6 a9ba4005f96055774d3ff6977bd420d46da42da7 c8c951e11b265269ddc2af20c06fdd60ed46b6c1c3f109db4a745b3a621b04e6
GET /js/bodymovin.js HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/Year_by_Year.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:29 GMT
content-type: application/javascript
last-modified: Sat, 26 Feb 2022 03:56:04 GMT
vary: Accept-Encoding
etag: W/"6219a4d4-4809a"
expires: Sun, 05 May 2024 09:16:29 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/fing.897f6f94.js | 36.156.95.251 | 200 OK | 89 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/fing.897f6f94.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/js/fing.897f6f94.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:51:59 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-15c67"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 180_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/sprites.1ee59a01.png | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/sprites.1ee59a01.png IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/sprites.1ee59a01.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/app.4ee3ec41.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:45 GMT
content-type: image/png
expires: Thu, 01 May 2025 14:01:52 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-98c3"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 169_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/lazyload.3bdffa42.js | 36.156.95.251 | 200 OK | 21 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/lazyload.3bdffa42.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (20436) Hash 50e1000e00e93b1f68c057b6b9f0a2fe 3f9455cbde2e4282e84c2e8dc463f5038af98ca2 2afd2edea9c5b9b763c1e78ce4c82f7319344ae35cf64cb6d09a6f03466ade47
GET /cdn/91a2c0FNEW/static/js/lazyload.3bdffa42.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:52:02 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-509f"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 176_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-01d0b1ae.3568aaaa.js | 36.156.95.251 | 200 OK | 8.0 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-01d0b1ae.3568aaaa.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (7945), with no line terminators Hash ae2519de6a5f3bb87249d3731928c40a daed58b09e2f95f8d99ad89b66a200186c9a1271 12d9cc8b3d05d4f977270a60bbd48592f8588a7504aad1c77b1c6faffb4fac0d
GET /cdn/91a2c0FNEW/static/js/chunk-01d0b1ae.3568aaaa.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:53:38 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-1f43"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 169_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/iosAndGroup.4fa6fd2e.png | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/iosAndGroup.4fa6fd2e.png IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/iosAndGroup.4fa6fd2e.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: image/png
expires: Thu, 01 May 2025 13:57:03 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-4cb"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 178_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/mainJs4AI.0d15e8ec.js | 36.156.95.251 | 200 OK | 89 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/mainJs4AI.0d15e8ec.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash 92312fdc28c2ee16cfe4acd63dd960b7 d0385205511c07add506afc8cfd25bb1e651c120 3b0676ca0727852f7377b813ffe9f22a6cbe288dc8ff20eef12f1b3c5d8a94b2
GET /cdn/91a2c0FNEW/static/js/mainJs4AI.0d15e8ec.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Sat, 03 May 2025 10:43:48 GMT
server: nginx
last-modified: Fri, 03 May 2024 07:05:16 GMT
vary: Accept-Encoding
etag: W/"66348cac-15aaf"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 176_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0cc691.2db1b4d0.js | 36.156.95.251 | 200 OK | 1.1 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0cc691.2db1b4d0.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1181), with no line terminators Hash e36f1fae6e010247b78ecfa8e443d693 1a1a9f7e613c5cf171a99876a93a3065c0f9c22c bbb84bcbb1c1d51ded77c11b6f9220e0682e8ada2909193b504dba482f847756
GET /cdn/91a2c0FNEW/static/js/chunk-2d0cc691.2db1b4d0.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:53:38 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-479"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 172_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/core.681c56c0.js | 36.156.95.251 | 200 OK | 12 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/core.681c56c0.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (12001), with no line terminators Hash 2229ee2f5f33fe033298d29d1331c8f5 d27ac065d560e6585fc1e9bb5d9c480ee45979a5 84431f8217fb06f263826eed560a0595af3c31a6e7a10bb81a27c24ceced4854
GET /cdn/91a2c0FNEW/static/js/core.681c56c0.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:51:59 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-2ee1"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 175_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/live.ff238852.png_.webp | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/live.ff238852.png_.webp IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/live.ff238852.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/webp
expires: Fri, 02 May 2025 03:03:01 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-29118"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 175_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/games.1c05bd8a.png_.webp | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/games.1c05bd8a.png_.webp IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/games.1c05bd8a.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/webp
expires: Thu, 01 May 2025 14:09:35 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-526c"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 161_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/_wms/img/_l/_banner/banner-mkt-land-page-392efcb2cef1ed50a02369477827b06cb.jpg_.webp | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/_wms/img/_l/_banner/banner-mkt-land-page-392efcb2cef1ed50a02369477827b06cb.jpg_.webp IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/_wms/img/_l/_banner/banner-mkt-land-page-392efcb2cef1ed50a02369477827b06cb.jpg_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:44 GMT
content-type: image/webp
expires: Thu, 01 May 2025 13:57:48 GMT
server: nginx
last-modified: Fri, 05 May 2023 04:41:16 GMT
vary: Accept-Encoding
etag: W/"645488ec-10266"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 169_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/promotions.ec8024f2.png | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/promotions.ec8024f2.png IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/promotions.ec8024f2.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/png
expires: Thu, 01 May 2025 13:57:22 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:55 GMT
vary: Accept-Encoding
etag: W/"662c914f-82c"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 161_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/sneijder.a5dab541.png | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/sneijder.a5dab541.png IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/sneijder.a5dab541.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/png
expires: Thu, 01 May 2025 13:57:21 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-194c4"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 164_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d213a8c.42dfb92b.js | 36.156.95.251 | 200 OK | 1.1 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d213a8c.42dfb92b.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type ASCII text, with very long lines (1176), with no line terminators Hash d0cba75aa33f6863afb7d52864ffd0fa dc3fc85cbb320eede481a043bbe029acdde2cf13 ac3ff405140bb00ca538ff10267a0287e4bfb498f7b1552368a44e7498fb534b
GET /cdn/91a2c0FNEW/static/js/chunk-2d213a8c.42dfb92b.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 14:00:17 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-46e"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 170_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/fish.8bcbeea7.png_.webp | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/fish.8bcbeea7.png_.webp IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/fish.8bcbeea7.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-610ce0b6.596948bc.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/webp
expires: Thu, 01 May 2025 14:01:53 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-53e6"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 176_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.jandemetal.com/cdn/91a2c0FNEW/cdn_test.txt?1714857398189 | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.jandemetal.com/cdn/91a2c0FNEW/cdn_test.txt?1714857398189 IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.jandemetal.com Fingerprint 37:06:E3:6B:80:37:64:D2:E9:06:5E:7E:A1:D1:F0:DD:63:15:CB:D6 Validity Thu, 07 Mar 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/cdn_test.txt?1714857398189 HTTP/1.1
Host: 91a2c0front.jandemetal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-5225c36c.1111dd9d.js | 36.156.95.251 | 200 OK | 3.4 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-5225c36c.1111dd9d.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (3463), with no line terminators Hash a9d949c389f054d1a402e62002fe0fa0 94a047def5b298763834769557f1b185fd7e113a 2e7e50145379cbcbdaac90da859ee6b899302eefbbaa04b2bbbb6c8a9f3bccd6
GET /cdn/91a2c0FNEW/static/js/chunk-5225c36c.1111dd9d.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:53:44 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-d45"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 161_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-74da40bc.5222d278.css | 36.156.95.251 | 200 OK | 6.2 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-74da40bc.5222d278.css IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type ASCII text, with very long lines (6235), with no line terminators Hash a87719267be6a421683c706f7ac01fa4 eabffdb7ed069a2a1040ba3426a2e372e26aeca4 9a3546ea5323fa0ebcb757d99f1eda77ec1c730982ba7037fbc4aab544c261c0
GET /cdn/91a2c0FNEW/static/css/chunk-74da40bc.5222d278.css HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: text/css
expires: Thu, 01 May 2025 14:01:34 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-185b"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 175_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0e62b6.644c0447.js | 36.156.95.251 | 200 OK | 1.5 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0e62b6.644c0447.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type ASCII text, with very long lines (1559), with no line terminators Hash 30d0b2a70fa33331395250effe4c446e 3a04e64fa18ca8252a7befb453ee94d637f9fec2 5eec6b76681e2f04ab821c252862a1958ffd042fe3a30c3e6cb0e090f6b6b96d
GET /cdn/91a2c0FNEW/static/js/chunk-2d0e62b6.644c0447.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:57:01 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-5f9"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 166_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/sg.6ae2dc5b.svg | 36.156.95.251 | 200 OK | 997 B |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/sg.6ae2dc5b.svg IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash 6bf2e659e8176506403907afe809cfc2 67b9a20cabdcbdb075d2e01301c766c946f33695 4baf62bb17089ba5d6a02b37593b10ce55768780c8dacb621309944dfe783354
GET /cdn/91a2c0FNEW/static/img/sg.6ae2dc5b.svg HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:47 GMT
content-type: image/svg+xml
content-length: 997
expires: Thu, 01 May 2025 13:57:03 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-3e5"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-cc-via: 169_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-610ce0b6.7456ebcd.js | 36.156.95.251 | 200 OK | 37 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-610ce0b6.7456ebcd.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/js/chunk-610ce0b6.7456ebcd.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:53:37 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-9017"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 171_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| sdk.51.la/js-sdk-pro.min.js | 47.246.44.239 | 200 OK | 34 kB |
URL GET HTTP/2 sdk.51.la/js-sdk-pro.min.js IP 47.246.44.239:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://www.tulsaroughnecks.com/ Certificate Issuer GlobalSign nv-sa Subject *.51.la Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79 Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 12846
date: Sun, 28 Apr 2024 20:09:00 GMT
x-oss-request-id: 662EACDCE144DC3230A0C500
x-oss-cdn-auth: success
x-oss-object-type: Normal
x-oss-storage-class: Standard
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
ali-swift-global-savetime: 1714334940
via: cache15.l2de2[0,0,304-0,H], cache16.l2de2[7,0], ens-cache18.se2[0,0,200-0,H], ens-cache16.se2[0,0]
accept-ranges: bytes
vary: Accept-Encoding
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
content-encoding: gzip
age: 522457
x-cache: HIT TCP_MEM_HIT dirn:6:7882094
x-swift-savetime: Tue, 30 Apr 2024 18:23:07 GMT
x-swift-cachetime: 1129553
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62ca417148573972156829e
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/store.19302b60.js | 36.156.95.251 | 200 OK | 53 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/store.19302b60.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/js/store.19302b60.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Sat, 03 May 2025 10:43:31 GMT
server: nginx
last-modified: Fri, 03 May 2024 07:05:16 GMT
vary: Accept-Encoding
etag: W/"66348cac-cea3"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 162_yd-jiangsu-nanjing-17-cache-2[H,5]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-01d0b1ae.1e4db76c.css | 36.156.95.251 | 200 OK | 5.1 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-01d0b1ae.1e4db76c.css IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type ASCII text, with very long lines (5109), with no line terminators Hash dc3a3622dabb358c0cbe649aaca29f7d 19f7b51c1f0f7092823d50e65571b8e22b273dd1 c8da20a3f6428321093a2ca8db9f7f3febf58ad1562583e701910170ddf8bcad
GET /cdn/91a2c0FNEW/static/css/chunk-01d0b1ae.1e4db76c.css HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: text/css
expires: Thu, 01 May 2025 13:56:23 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-13f5"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 162_yd-jiangsu-nanjing-17-cache-2[H,8]
X-Firefox-Spdy: h2
|
|
| www.tulsaroughnecks.com/js/data.js | 38.207.232.196 | 200 OK | 222 kB |
URL GET HTTP/2 www.tulsaroughnecks.com/js/data.js IP 38.207.232.196:443
Requested by https://www.tulsaroughnecks.com/Year_by_Year.html Certificate Issuer Let's Encrypt Subject tulsaroughnecks.com Fingerprint 4F:2C:6A:99:12:DA:26:21:6A:BE:EC:9F:E0:92:F0:1F:64:C7:11:79 Validity Sun, 04 Feb 2024 18:00:00 GMT - Sat, 04 May 2024 17:59:59 GMT
Size 222 kB (221524 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/data.js HTTP/1.1
Host: www.tulsaroughnecks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tulsaroughnecks.com/Year_by_Year.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 21:16:29 GMT
content-type: application/javascript
last-modified: Sat, 26 Feb 2022 03:56:05 GMT
vary: Accept-Encoding
etag: W/"6219a4d5-36154"
expires: Sun, 05 May 2024 09:16:29 GMT
cache-control: max-age=43200
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/th.3530959a.svg | 36.156.95.251 | 200 OK | 178 B |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/th.3530959a.svg IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash 2a22be6e0e484dbab6efce4f9499d232 1969f4534c2883fa87a5447aa2c63a7d2136df1b ba6f934faf7792eea47295da33280eaf09fe40ddc2ae2b215d4b57d60cc829e3
GET /cdn/91a2c0FNEW/static/img/th.3530959a.svg HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:47 GMT
content-type: image/svg+xml
content-length: 178
expires: Thu, 01 May 2025 13:57:03 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-b2"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-cc-via: 174_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-582bc910.801274cd.css | 36.156.95.251 | 200 OK | 3.9 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/css/chunk-582bc910.801274cd.css IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type ASCII text, with very long lines (3903), with no line terminators Hash 21b53eea8e46be0d06a75aa22c1e40bb 9a29c576b11352dbd3283909fe8d26df5a728042 ceb69d47b8fd8ae967deb60b79f07015ffe601d093520a676fd37da603cf31d4
GET /cdn/91a2c0FNEW/static/css/chunk-582bc910.801274cd.css HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: text/css
expires: Thu, 01 May 2025 13:56:23 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-f3f"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 179_yd-jiangsu-nanjing-17-cache-2[H,3]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/axios.09c7f502.js | 36.156.95.251 | 200 OK | 32 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/axios.09c7f502.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (26922) Hash 27a124b153fdf73e367ad6a679930ec8 5eeb1f03c61ec6963a7fe8b7cc67ae6dcff80139 2eae872c67d566a967ae20d62538ac56b423e26f9c0e2b86ecbd9b3f19cb6fd2
GET /cdn/91a2c0FNEW/static/js/axios.09c7f502.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:51:59 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-7b21"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 171_yd-jiangsu-nanjing-17-cache-2[H,4]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/3s/3s_web_detect.js?product=91a2c0&module=frontend_web&v=20240424 | 36.156.95.251 | 200 OK | 53 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/3s/3s_web_detect.js?product=91a2c0&module=frontend_web&v=20240424 IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/3s/3s_web_detect.js?product=91a2c0&module=frontend_web&v=20240424 HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:41 GMT
content-type: application/javascript; charset=utf-8
expires: Thu, 01 May 2025 13:52:26 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-ce2d"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 161_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/yayaMatch.9e4217ef.png | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/yayaMatch.9e4217ef.png IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/yayaMatch.9e4217ef.png HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/png
expires: Thu, 01 May 2025 13:57:21 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:55 GMT
vary: Accept-Encoding
etag: W/"662c914f-2f635"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 171_yd-jiangsu-nanjing-17-cache-2[H,2]
X-Firefox-Spdy: h2
|
|
| ips2.io/ws?&appId=E2110C2DC886499B9C8E18A4DCECADD4 | 0.0.0.0 | | 0 B |
URL GET ips2.io/ws?&appId=E2110C2DC886499B9C8E18A4DCECADD4 IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws?&appId=E2110C2DC886499B9C8E18A4DCECADD4 HTTP/1.1
Host: ips2.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://35.220.255.80:8888
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gR31XkDFC1dO+o69dSLYjQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/_wms/static/_l/_data/version/versionControl.json?1714857402870 | 36.156.95.251 | 200 OK | 1.5 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/_wms/static/_l/_data/version/versionControl.json?1714857402870 IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1675), with no line terminators Hash ff628a9f3ff7d336382f98f794082026 b8b993613be6b268a5b7a1ed302836b02b36624f 592999fe9dda5137dadc79bb5ab1b74598eae23ca170f6bfc3d6ae693f2254b6
GET /cdn/91a2c0FNEW/_wms/static/_l/_data/version/versionControl.json?1714857402870 HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: application/json
expires: Sat, 04 May 2024 21:16:43 GMT
server: nginx
last-modified: Fri, 03 May 2024 12:24:01 GMT
vary: Accept-Encoding
etag: W/"6634d761-60b"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 73_SG-singapore-singapore-8-cache-2[M,46],173_yd-jiangsu-nanjing-17-cache-2[M,734]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/ph.62b10c25.svg | 36.156.95.251 | 200 OK | 951 B |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/ph.62b10c25.svg IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash 892f96209ff0f30c676e76ac5d403a95 44f77e0a14b957537f5d2d23a7f1846947396aba 1a867c80b0b80a8bd3aebd6e4f61c4ed14e6212ff90d5d6f32fdd600ed67fa55
GET /cdn/91a2c0FNEW/static/img/ph.62b10c25.svg HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:47 GMT
content-type: image/svg+xml
content-length: 951
expires: Thu, 01 May 2025 13:57:02 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
etag: "662c9150-3b7"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-cc-via: 173_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0e9b8f.52c279d9.js | 36.156.95.251 | 200 OK | 10 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0e9b8f.52c279d9.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (10471), with no line terminators Hash 4e0371e0012c4f4e75a2600125bf1943 ac29054608969d940f7dd291217f25b02754a603 f92b9817a6238b93aa0675752564bf03b91ec1ebf1d91f16a823c98099d10b2a
GET /cdn/91a2c0FNEW/static/js/chunk-2d0e9b8f.52c279d9.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:43 GMT
content-type: application/javascript; charset=utf-8
expires: Sun, 04 May 2025 19:56:15 GMT
server: nginx
last-modified: Fri, 03 May 2024 07:05:16 GMT
vary: Accept-Encoding
etag: W/"66348cac-28e7"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 163_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/search.9b32a87b.svg | 36.156.95.251 | 200 OK | 2.0 kB |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/search.9b32a87b.svg IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash b9f8a278aacad8dba611796b6ebfe434 7acde3de8ce8a9d13946e14f3b82881c22dc50e7 62ff866c642abd99ec3ab265b7d26f1cfe4dfc866cc0f73141701fb9265abf2b
GET /cdn/91a2c0FNEW/static/img/search.9b32a87b.svg HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/svg+xml
expires: Fri, 02 May 2025 23:22:15 GMT
server: nginx
last-modified: Thu, 02 May 2024 03:56:30 GMT
etag: "66330eee-7ee"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-cc-via: 169_yd-jiangsu-nanjing-17-cache-2[H,2]
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/updatedJackpotIcon.f5765881.png_.webp | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/updatedJackpotIcon.f5765881.png_.webp IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/updatedJackpotIcon.f5765881.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/webp
expires: Thu, 01 May 2025 21:16:43 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-526e"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 171_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/pay.e1366e9d.png_.webp | 0.0.0.0 | | 0 B |
URL GET 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/img/pay.e1366e9d.png_.webp IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn/91a2c0FNEW/static/img/pay.e1366e9d.png_.webp HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: image/webp
expires: Thu, 01 May 2025 13:57:21 GMT
server: nginx
last-modified: Sat, 27 Apr 2024 05:46:56 GMT
vary: Accept-Encoding
etag: W/"662c9150-7230"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
x-cc-via: 175_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0c9ad9.d7c88103.js | 36.156.95.251 | 200 OK | 665 B |
URL GET HTTP/2 91a2c0front.studentxi.com/cdn/91a2c0FNEW/static/js/chunk-2d0c9ad9.d7c88103.js IP 36.156.95.251:443 ASN #56046 China Mobile communications corporation
Requested by https://35.220.255.80:8888/MktLand Certificate Issuer Sectigo Limited Subject *.studentxi.com Fingerprint CA:D1:05:01:4F:47:79:6B:94:6E:39:CB:EE:32:40:73:19:AF:D1:FE Validity Mon, 18 Mar 2024 00:00:00 GMT - Tue, 18 Mar 2025 23:59:59 GMT
File type ASCII text, with very long lines (701), with no line terminators Hash d2d66881fd51bd744016d480a2db9c95 d7ca375be7dade9fdb54f902c1923cd2e6526aeb b49b324c2cd5018499f268dc8401832eda57e8e8a09038ea453a2a7ba2fbad0f
GET /cdn/91a2c0FNEW/static/js/chunk-2d0c9ad9.d7c88103.js HTTP/1.1
Host: 91a2c0front.studentxi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 21:16:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 665
expires: Sun, 04 May 2025 20:00:30 GMT
server: nginx
last-modified: Fri, 03 May 2024 07:05:16 GMT
etag: "66348cac-299"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
vary: Accept-Encoding
x-cc-via: 163_yd-jiangsu-nanjing-17-cache-2[H,1]
X-Firefox-Spdy: h2
|
|
| domain_status/ | 0.0.0.0 | | 0 B |
IP 0.0.0.0:0
Requested by https://35.220.255.80:8888/MktLand
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: domain_status
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://35.220.255.80:8888
DNT: 1
Connection: keep-alive
Referer: https://35.220.255.80:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|