| | 101.32.246.165 | 301 Moved Permanently | 162 B |
URL: User Request GET HTTP/2; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 18 Apr 2024 20:50:14 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://winflytech.com/
Strict-Transport-Security: max-age=31536000
|
|
| | 101.32.246.165 | 301 Moved Permanently | 162 B |
URL: User Request GET HTTP/2; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 18 Apr 2024 20:50:17 GMT
content-type: text/html
content-length: 162
location: https://www.winflytech.com/
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| at.alicdn.com/t/font_1152918_xmklah1ag7f.woff2 | 47.246.44.251 | 200 OK | 17 kB |
URL: GET HTTP/2 at.alicdn.com/t/font_1152918_xmklah1ag7f.woff2; IP: 47.246.44.251:443; ASN: #24429 Zhejiang Taobao Network Co.,Ltd
Requested by: https://www.winflytech.com/; Certificate issuer: GlobalSign nv-sa; Subject: *.tbcdn.cn; Fingerprint: 29:04:BE:E6:49:30:F7:DC:C0:BE:56:8F:B4:AC:24:9B:50:1A:F7:E2; Validity: Tue, 26 Dec 2023 03:36:04 GMT - Tue, 30 Jul 2024 02:26:11 GMT
File type: Web Open Font Format (Version 2), TrueType, length 17396, version 1.0; Hash: 11df889f4a1519bf849de365266871c9 4eab6fb1e294098171e06eb236f4141098ccece9 26895caa3817cd419dcf40cda1e67dc0e1ed8ed3ddedbf22d327ed70f0fe09a3
GET /t/font_1152918_xmklah1ag7f.woff2 HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.winflytech.com
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 17396
date: Thu, 18 Apr 2024 20:50:28 GMT
x-oss-request-id: 66218794FC091B323326CE4B
vary: Origin
accept-ranges: bytes
etag: "11DF889F4A1519BF849DE365266871C9"
last-modified: Fri, 24 Dec 2021 10:56:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13112471381034549150
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: Ed+In0oVGb+EneNlJmhxyQ==
x-oss-server-time: 3
ali-swift-global-savetime: 1713473428
via: cache27.l2fr1[510,510,200-0,M], cache30.l2fr1[511,0], ens-cache12.se2[547,547,200-0,M], ens-cache15.se2[547,0]
age: 0
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Thu, 18 Apr 2024 20:50:28 GMT
x-swift-cachetime: 31104000
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62ca317134734276948355e
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Scripts/jquery.SuperSlide.2.1.1.js | 101.32.246.165 | 404 Not Found | 146 B |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Scripts/jquery.SuperSlide.2.1.1.js; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Scripts/jquery.SuperSlide.2.1.1.js HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/head_line.jpg | 101.32.246.165 | 200 OK | 1.4 kB |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Images/head_line.jpg; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1x68, components 3; Hash: 076b6a4877e87f6007257a9b1ac11037 bc557ee527fb67482eb87082742860681369fd15 ec2e6fe29cd43b6935b902c31b80272c925cbcace1b9777b5f500d0be938333e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/head_line.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/wp-content/themes/pmjs/Css/style.css
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:27 GMT
content-type: image/jpeg
content-length: 1444
last-modified: Mon, 15 Aug 2022 08:39:23 GMT
etag: "62fa063b-5a4"
expires: Sat, 18 May 2024 20:50:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/nav_line.png | 101.32.246.165 | 200 OK | 927 B |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Images/nav_line.png; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: PNG image data, 1 x 15, 8-bit/color RGBA, non-interlaced; Hash: e7cacb43fd04403d5a1260e53d603ae0 eac8047a9ed740d93cf1b11a7329812ba7c0302a 90154209bb31c60f9e161a922800754700da61798680fadd2ad50392bffbbda5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/nav_line.png HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/wp-content/themes/pmjs/Css/style.css
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:27 GMT
content-type: image/png
content-length: 927
last-modified: Mon, 15 Aug 2022 08:39:26 GMT
etag: "62fa063e-39f"
expires: Sat, 18 May 2024 20:50:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Scripts/jquery.SuperSlide.2.1.1.js | 101.32.246.165 | 404 Not Found | 146 B |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Scripts/jquery.SuperSlide.2.1.1.js; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash: 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Scripts/jquery.SuperSlide.2.1.1.js HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 18 Apr 2024 20:50:29 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/pageadv_bg.jpg | 101.32.246.165 | 200 OK | 56 kB |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Images/pageadv_bg.jpg; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x250, components 3; Hash: 48b34e8e538b605c9e721e2298cb4a5d d9e568778ae6dab4be71b53c6793db260926a64a 2352501c41fddb7b35fc4672a8fe91395c136f458760032ef02102f208fdd952
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/pageadv_bg.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/wp-content/themes/pmjs/Css/style.css
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:27 GMT
content-type: image/jpeg
content-length: 56398
last-modified: Mon, 15 Aug 2022 08:39:27 GMT
etag: "62fa063f-dc4e"
expires: Sat, 18 May 2024 20:50:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/tel2.png | 101.32.246.165 | 200 OK | 1.9 kB |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Images/tel2.png; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced; Hash: 9a9a35941d0b410d871725115420aa66 f2e63872f367b5e248ab15ce230ee4acfd5ee208 74e82091243f1c78d11d01252412a318ca4bf8cfb080f202e189583c5f579a08
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/tel2.png HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/wp-content/themes/pmjs/Css/style.css
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:27 GMT
content-type: image/png
content-length: 1946
last-modified: Mon, 15 Aug 2022 08:39:30 GMT
etag: "62fa0642-79a"
expires: Sat, 18 May 2024 20:50:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/news_bg.jpg | 101.32.246.165 | 200 OK | 1.5 kB |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Images/news_bg.jpg; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 50x50, components 3; Hash: 9118fd6185df1812d85d473a90ddd9b3 2b9707ea87dfd3292f33bf2ce8ffea493e723871 e42ca47f2ff259a596bd147f95c49d276862458837cc028e0a4743ad0004bc0f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/news_bg.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/wp-content/themes/pmjs/Css/style.css
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:27 GMT
content-type: image/jpeg
content-length: 1530
last-modified: Mon, 15 Aug 2022 08:39:26 GMT
etag: "62fa063e-5fa"
expires: Sat, 18 May 2024 20:50:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/about_bg.jpg | 101.32.246.165 | 200 OK | 230 kB |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Images/about_bg.jpg; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1919x900, components 3; Size: 230 kB (229557 bytes); Hash: 091dcdbea85dd5819de0c140cccdcbc1 1fb60afd7eed762158f12d90cd1dfdf4fab06fd5 5c67dd9a9706f3a4ffa7eaa9a004f7e7ec9856238ede6dd0ea8333d7990adac2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/about_bg.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/wp-content/themes/pmjs/Css/style.css
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:27 GMT
content-type: image/jpeg
content-length: 229557
last-modified: Mon, 15 Aug 2022 08:39:20 GMT
etag: "62fa0638-380b5"
expires: Sat, 18 May 2024 20:50:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Picture/logo.png | 101.32.246.165 | 200 OK | 100 kB |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Picture/logo.png; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: PNG image data, 696 x 397, 8-bit/color RGBA, non-interlaced; Size: 100 kB (100495 bytes); Hash: 5d8cd46f06951d17a4b23c62126b34f3 63f73bea873c6f1a2118ad406f72cc809d6dda26 b016772037e8dc68f0e330200f58fc0a9d4a84cfb177ed9b8c384ee2e8dccc59
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Picture/logo.png HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/png
content-length: 100495
last-modified: Mon, 15 Aug 2022 08:39:46 GMT
etag: "62fa0652-1888f"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1.staticec.com/kf/sdk/js/ec_cs.js | 119.167.147.251 | 200 OK | 74 kB |
URL: GET HTTP/2 1.staticec.com/kf/sdk/js/ec_cs.js; IP: 119.167.147.251:443; ASN: #4837 CHINA UNICOM China169 Backbone
Requested by: https://www.winflytech.com/; Certificate issuer: TrustAsia Technologies, Inc.; Subject: *.staticec.com; Fingerprint: 89:94:52:F6:4D:35:DF:E6:0D:1C:93:E3:21:52:2F:FD:71:D1:14:E1; Validity: Thu, 10 Aug 2023 00:00:00 GMT - Fri, 09 Aug 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (62251), with no line terminators; Hash: 5c8c60113d862487d7b5eebe5df4a57e 1d817c55ac09e4bab55551694db088efa9435763 81371ae0a275094a970b9e1b65229e9b55c1d5c96cf5780f38dd16d1387ba6f4
GET /kf/sdk/js/ec_cs.js HTTP/1.1
Host: 1.staticec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 10 Jan 2024 11:04:28 GMT
content-encoding: gzip
etag: W/"659e79bc-2e606"
date: Mon, 15 Apr 2024 11:09:38 GMT
content-type: application/javascript
expires: Mon, 15 Apr 2024 11:19:38 GMT
x-powered-by: qcloudlnmp-4
access-control-allow-methods: GET
access-control-allow-origin: *
x-request-id: ea9de7de79a5b5ff9a59e543ecf5eae5
server: Lego Server
cache-control: max-age=600
age: 508
content-length: 74121
accept-ranges: bytes
x-nws-log-uuid: 188825113973279451
x-cache-lookup: Cache Hit
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/favicon.ico | 101.32.246.165 | 200 OK | 1.2 kB |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Images/favicon.ico; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel; Hash: b7a2090824c6ee911f2e6cc985fd26b8 becb680de04704a37fa66b9488f40a1ba77624ae c459d926bcd2b36d10d74943ac4fc3c6966caf9c15465a1f3ab028d0d1e63476
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/favicon.ico HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:33 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Mon, 15 Aug 2022 08:39:23 GMT
etag: "62fa063b-47e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/fqcj.png | 101.32.246.165 | 200 OK | 124 kB |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Images/fqcj.png; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: PNG image data, 301 x 202, 8-bit/color RGBA, non-interlaced; Size: 124 kB (124046 bytes); Hash: ef4bae6928a36e540aa9540f80e32eb8 33595453ead6af32b17f83e39f536649144fc142 a76f32e7e98027d8fcaf564eeabecb5097f15ecd7d312660a4a0fe6beb74619b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/fqcj.png HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/png
content-length: 124046
last-modified: Mon, 15 Aug 2022 08:39:23 GMT
etag: "62fa063b-1e48e"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/about.jpg | 101.32.246.165 | | 131 kB |
URL: GET www.winflytech.com/wp-content/themes/pmjs/Images/about.jpg; IP: 101.32.246.165:0; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=700, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1000], progressive, precision 8, 420x273, components 3; Size: 131 kB (131239 bytes); Hash: 806a7b5a13866c11e8d427ddfe735aeb 9ac2716b1fc07cebf6179cd127ef6615634795bf 35d99b86d8c8254f03ff9f2497898c960df39cbef1e9e6a2ade248cad8640fe0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/about.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/jpeg
content-length: 131239
last-modified: Mon, 15 Aug 2022 08:39:20 GMT
etag: "62fa0638-200a7"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/tfsccj.png | 101.32.246.165 | | 160 kB |
URL: GET www.winflytech.com/wp-content/themes/pmjs/Images/tfsccj.png; IP: 101.32.246.165:0; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: PNG image data, 301 x 201, 8-bit/color RGBA, non-interlaced; Size: 160 kB (159812 bytes); Hash: 9ca72b50486f003ed295cff63897ca9f 03e43febfcf5e42ceaf32dcbf5500d2c73795f81 c7da6d9edcc88eefa8a40688ea57f19b9fd857d0f371e5aa1e565a8a8dd0b127
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/tfsccj.png HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/png
content-length: 159812
last-modified: Mon, 15 Aug 2022 08:39:31 GMT
etag: "62fa0643-27044"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/thcj.png | 101.32.246.165 | | 155 kB |
URL: GET www.winflytech.com/wp-content/themes/pmjs/Images/thcj.png; IP: 101.32.246.165:0; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: PNG image data, 301 x 201, 8-bit/color RGBA, non-interlaced; Size: 155 kB (154709 bytes); Hash: 6198c6dbff836309dc5809c8c47c4407 bb73ccf16f383d312eee40988d4d0ae878a90730 beb243b88ee4e8328c2a835b2c36c80f8f646230d70ec20a2a1efa262ab85257
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/thcj.png HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/png
content-length: 154709
last-modified: Mon, 15 Aug 2022 08:39:31 GMT
etag: "62fa0643-25c55"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Picture/wx.png | 101.32.246.165 | | 135 kB |
URL: GET www.winflytech.com/wp-content/themes/pmjs/Picture/wx.png; IP: 101.32.246.165:0; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File type: PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced; Size: 135 kB (135128 bytes); Hash: 42ebd4e8f6b01bbf914ee414d5a9822a 8dd40bbc76e4b89ee702f9b6a33eb7effcb1ddb1 8e1b680767f9cdb09f8756dc07389f4feb415e7245fd6a4406cc08f425ce1b1a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Picture/wx.png HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/png
content-length: 135128
last-modified: Mon, 15 Aug 2022 08:39:46 GMT
etag: "62fa0652-20fd8"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| | 101.32.246.165 | 200 OK | 12 kB |
URL: User Request GET HTTP/2; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pll_language=de; expires=Fri, 18-Apr-2025 20:50:18 GMT; Max-Age=31536000; path=/; secure; SameSite=Lax
link: <https://www.winflytech.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Css/responsive.css | 101.32.246.165 | 200 OK | 16 kB |
URL: GET HTTP/2 www.winflytech.com/wp-content/themes/pmjs/Css/responsive.css; IP: 101.32.246.165:443; ASN: #132203 Tencent Building, Kejizhongyi Avenue
Requested by: https://www.winflytech.com/; Certificate issuer: Let's Encrypt; Subject: www.winflytech.com; Fingerprint: D7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E; Validity: Fri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Css/responsive.css HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 08:39:15 GMT
vary: Accept-Encoding
etag: W/"62fa0633-408d"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Css/swiper.min.css | 101.32.246.165 | 200 OK | 18 kB |
URL GET HTTP/2www.winflytech.com/wp-content/themes/pmjs/Css/swiper.min.css IP101.32.246.165:443 ASN#132203 Tencent Building, Kejizhongyi Avenue
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Css/swiper.min.css HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 08:39:15 GMT
vary: Accept-Encoding
etag: W/"62fa0633-4562"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Scripts/wow.min.js | 101.32.246.165 | 200 OK | 7.1 kB |
URL GET HTTP/2www.winflytech.com/wp-content/themes/pmjs/Scripts/wow.min.js IP101.32.246.165:443 ASN#132203 Tencent Building, Kejizhongyi Avenue
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File typeJavaScript source, ASCII text, with very long lines (7143), with no line terminators Hash96e14f6860402f721008d73e300c8355 94dc5edef13b46cf944b1a403d63275f3e15c0e0 db6f1ca31f355000b07144bf621f2381d7befba024acb9a2a7a58597c9e62b15
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Scripts/wow.min.js HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 08:39:48 GMT
vary: Accept-Encoding
etag: W/"62fa0654-1b91"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Scripts/jquery.min.js | 101.32.246.165 | 200 OK | 93 kB |
URL GET HTTP/2www.winflytech.com/wp-content/themes/pmjs/Scripts/jquery.min.js IP101.32.246.165:443 ASN#132203 Tencent Building, Kejizhongyi Avenue
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File typeJavaScript source, ASCII text, with very long lines (32089) Hash397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Scripts/jquery.min.js HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 08:39:48 GMT
vary: Accept-Encoding
etag: W/"62fa0654-169d5"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/banner1.jpg | 0.0.0.0 | | 0 B |
URL GET www.winflytech.com/wp-content/themes/pmjs/Images/banner1.jpg IP0.0.0.0:0
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/banner1.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/jpeg
content-length: 498289
last-modified: Mon, 22 Aug 2022 02:19:50 GMT
etag: "6302e7c6-79a71"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Scripts/swiper.min.js | 101.32.246.165 | 200 OK | 96 kB |
URL GET HTTP/2www.winflytech.com/wp-content/themes/pmjs/Scripts/swiper.min.js IP101.32.246.165:443 ASN#132203 Tencent Building, Kejizhongyi Avenue
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File typeJavaScript source, ASCII text, with very long lines (31999) Hashfb13ef3e875ca3497ede35d3774be9d3 ab0743a89d522438c17ae7eaf5943fd4590ee3d0 4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Scripts/swiper.min.js HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 08:39:48 GMT
vary: Accept-Encoding
etag: W/"62fa0654-178a3"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Scripts/index.js | 101.32.246.165 | 200 OK | 6.9 kB |
URL GET HTTP/2www.winflytech.com/wp-content/themes/pmjs/Scripts/index.js IP101.32.246.165:443 ASN#132203 Tencent Building, Kejizhongyi Avenue
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (7150), with no line terminators Hashdafc3d57bfd3a4550303ab8c1d79a412 a19579691ab84e91be7543210800bc8be8c424a6 f8564068739f14b35737ea2717c6baae362d0f5341d5e5c99e59d4abd6d8b8ce
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Scripts/index.js HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 08:39:47 GMT
vary: Accept-Encoding
etag: W/"62fa0653-1acb"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/banner5.jpg | 0.0.0.0 | | 0 B |
URL GET www.winflytech.com/wp-content/themes/pmjs/Images/banner5.jpg IP0.0.0.0:0
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/banner5.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/jpeg
content-length: 394503
last-modified: Mon, 22 Aug 2022 02:06:17 GMT
etag: "6302e499-60507"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/hys.png | 0.0.0.0 | | 0 B |
URL GET www.winflytech.com/wp-content/themes/pmjs/Images/hys.png IP0.0.0.0:0
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/hys.png HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/png
content-length: 288563
last-modified: Mon, 15 Aug 2022 08:39:24 GMT
etag: "62fa063c-46733"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/bgq.jpg | 0.0.0.0 | | 0 B |
URL GET www.winflytech.com/wp-content/themes/pmjs/Images/bgq.jpg IP0.0.0.0:0
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/bgq.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/jpeg
content-length: 380729
last-modified: Mon, 15 Aug 2022 08:39:22 GMT
etag: "62fa063a-5cf39"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Css/common.css | 101.32.246.165 | 200 OK | 5.7 kB |
URL GET HTTP/2www.winflytech.com/wp-content/themes/pmjs/Css/common.css IP101.32.246.165:443 ASN#132203 Tencent Building, Kejizhongyi Avenue
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File typeUnicode text, UTF-8 text, with very long lines (5715), with no line terminators Hash45d0ea451ec21170de1fe5255d145843 00aa9dcfcda5b849d4b704947738ae489fb3ae56 43901c664a2dc5a5fada886d69cc8540d844bd176dba8ce43c43c612247c0c5e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Css/common.css HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 08:39:15 GMT
vary: Accept-Encoding
etag: W/"62fa0633-1673"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/banner2.jpg | 0.0.0.0 | | 0 B |
URL GET www.winflytech.com/wp-content/themes/pmjs/Images/banner2.jpg IP0.0.0.0:0
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/banner2.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/jpeg
content-length: 551940
last-modified: Mon, 15 Aug 2022 08:39:21 GMT
etag: "62fa0639-86c04"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kf.ecqun.com/index/index/init?CorpID=16875309&corpid=16875309&referUrl=&visitUrl=https%3A%2F%2Fwww.winflytech.com%2F&title=Shenzhen%20Winfly%20New%20&type=0&cskey=dWPAY1p1xxaZNe4inv&scheme=0&storage=&callback=getJSON_17134734342800_9417689568650941 | 0.0.0.0 | | 0 B |
URL GET kf.ecqun.com/index/index/init?CorpID=16875309&corpid=16875309&referUrl=&visitUrl=https%3A%2F%2Fwww.winflytech.com%2F&title=Shenzhen%20Winfly%20New%20&type=0&cskey=dWPAY1p1xxaZNe4inv&scheme=0&storage=&callback=getJSON_17134734342800_9417689568650941 IP0.0.0.0:0
Requested byhttps://www.winflytech.com/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index/index/init?CorpID=16875309&corpid=16875309&referUrl=&visitUrl=https%3A%2F%2Fwww.winflytech.com%2F&title=Shenzhen%20Winfly%20New%20&type=0&cskey=dWPAY1p1xxaZNe4inv&scheme=0&storage=&callback=getJSON_17134734342800_9417689568650941 HTTP/1.1
Host: kf.ecqun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.winflytech.com/wp-content/themes/pmjs/Css/animate.css | 101.32.246.165 | 200 OK | 73 kB |
URL GET HTTP/2www.winflytech.com/wp-content/themes/pmjs/Css/animate.css IP101.32.246.165:443 ASN#132203 Tencent Building, Kejizhongyi Avenue
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Css/animate.css HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 08:39:14 GMT
vary: Accept-Encoding
etag: W/"62fa0632-11b6c"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Css/style.css | 101.32.246.165 | 200 OK | 44 kB |
URL GET HTTP/2www.winflytech.com/wp-content/themes/pmjs/Css/style.css IP101.32.246.165:443 ASN#132203 Tencent Building, Kejizhongyi Avenue
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Css/style.css HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: text/css
last-modified: Fri, 19 Aug 2022 07:09:40 GMT
vary: Accept-Encoding
etag: W/"62ff3734-acef"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Images/banner3.jpg | 0.0.0.0 | | 0 B |
URL GET www.winflytech.com/wp-content/themes/pmjs/Images/banner3.jpg IP0.0.0.0:0
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Images/banner3.jpg HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: image/jpeg
content-length: 472675
last-modified: Mon, 22 Aug 2022 08:05:04 GMT
etag: "630338b0-73663"
expires: Sat, 18 May 2024 20:50:21 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.winflytech.com/wp-content/themes/pmjs/Scripts/selectivizr.js | 101.32.246.165 | 200 OK | 4.5 kB |
URL GET HTTP/2www.winflytech.com/wp-content/themes/pmjs/Scripts/selectivizr.js IP101.32.246.165:443 ASN#132203 Tencent Building, Kejizhongyi Avenue
Requested byhttps://www.winflytech.com/ CertificateIssuerLet's Encrypt Subjectwww.winflytech.com FingerprintD7:7B:4D:00:D1:85:03:37:CE:DD:F7:C3:A0:26:3E:B4:B9:C1:95:4E ValidityFri, 08 Mar 2024 15:10:18 GMT - Thu, 06 Jun 2024 15:10:17 GMT
File typeJavaScript source, ASCII text, with very long lines (4679), with no line terminators Hasha4fe7d59fce4ab1cc21a29a75d06c635 bc0c43054dbfb3da3c477bb0f0c4bfa4008e40c0 8b97590612a819e3ee5550ee8a1771d84de0417e3d5054c1ec8e6958d3f1921a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/pmjs/Scripts/selectivizr.js HTTP/1.1
Host: www.winflytech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.winflytech.com/
Cookie: pll_language=de
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 20:50:21 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 08:39:48 GMT
vary: Accept-Encoding
etag: W/"62fa0654-118f"
expires: Fri, 19 Apr 2024 08:50:21 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|