Report - bjxdoor.com/

Report Overview

Submitted URL
bjxdoor.com/
IP
156.226.105.239
ASN
#133201 ABCDE GROUP COMPANY LIMITED
Submitted
2022-12-01 20:52:51
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
bjxdoor.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	23 kB	96 kB	156.226.105.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	104.18.32.68
img.ywtuchuang2.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.7 kB	171 kB	154.12.54.74
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.9 kB	104.18.21.226
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	12 kB	103.235.46.191
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.37.79.227
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	72 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	bjxdoor.com/	Phishing
2022-12-01	medium	bjxdoor.com/static/js/home.js	Phishing
2022-12-01	medium	bjxdoor.com/template/BR1/js/jquery.superslide.js	Phishing
2022-12-01	medium	bjxdoor.com/template/BR1/js/jquery.lazyload.js	Phishing
2022-12-01	medium	bjxdoor.com/template/BR1/js/jquery.base.js	Phishing
2022-12-01	medium	bjxdoor.com/template/BR1/js/jquery.min.js	Phishing
2022-12-01	medium	bjxdoor.com/static/js/jquery.js	Phishing
2022-12-01	medium	bjxdoor.com/js/1.js	Phishing
2022-12-01	medium	bjxdoor.com/js/2.js	Phishing
2022-12-01	medium	bjxdoor.com/js/piaofu.js	Phishing
2022-12-01	medium	bjxdoor.com/js/4.js	Phishing
2022-12-01	medium	bjxdoor.com/js/duilian.js	Phishing
2022-12-01	medium	bjxdoor.com/static/js/jquery.lazyload.js	Phishing
2022-12-01	medium	bjxdoor.com/static/js/jquery.autocomplete.js	Phishing
2022-12-01	medium	bjxdoor.com/template/BR1/js/jquery.superslide.js	Phishing
2022-12-01	medium	bjxdoor.com/template/BR1/js/jquery.min.js	Phishing
2022-12-01	medium	bjxdoor.com/js/1.js	Phishing
2022-12-01	medium	bjxdoor.com/js/2.js	Phishing
2022-12-01	medium	bjxdoor.com/js/piaofu.js	Phishing
2022-12-01	medium	bjxdoor.com/js/4.js	Phishing
2022-12-01	medium	bjxdoor.com/js/duilian.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	bjxdoor.com/static/js/jquery.autocomplete.js	26 kB	2023-03-07	2024-02-29
Pretty URL bjxdoor.com/static/js/jquery.autocomplete.js IP 156.226.105.239 ASN #133201 ABCDE GROUP COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:44 Last Seen2024-02-29 20:21:12 Times Seen116 Hash 35c26e3261c67a1967219db9c1ba0853 75993fd752b0db19e029671b128d0596930f54d0 d6c285b3ecb13e7869385e887b413f95ed9ce7b9c989be3f7bf3e16284dd9f15 Loading...

	bjxdoor.com/template/BR1/js/jquery.lazyload.js	1.7 kB	2023-03-07	2024-04-15
Pretty URL bjxdoor.com/template/BR1/js/jquery.lazyload.js IP 156.226.105.239 ASN #133201 ABCDE GROUP COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:43 Last Seen2024-04-15 00:35:26 Times Seen244 Hash c7918fb8ea83c71cecae35da3ee82167 4f86d674e1638ffa192334c5c11393546ee5a2f5 eb13a0fad3e976dfa108da7cf0690b74ca824e37d240a8e1af99d4d036cfdd19 Loading...

	hm.baidu.com/hm.js?4d3b24b6f55a241b21c390862d02b475	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?4d3b24b6f55a241b21c390862d02b475 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:48:17 Last Seen2023-03-11 23:48:17 Times Seen1 Hash dcccf7b7447aa4a96b9b44484f1a9860 0e1ace668100b1a06de195d90916f9c9bd0127ce 6195ee69f88d3a927628b87bc67bd946cf5a139b7894f6b57987ee3ed1cbfeb3 Loading...

	bjxdoor.com/static/js/home.js	39 kB	2023-03-07	2024-04-18
Pretty URL bjxdoor.com/static/js/home.js IP 156.226.105.239 ASN #133201 ABCDE GROUP COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:44 Last Seen2024-04-18 08:55:23 Times Seen427 Hash dace87b98369cd3a17614087ace567a7 854eb995ab3a2ca08a785786c0ab1055eef1649d 2c3a6ec3d46d0232dfbe258fc9ae849d7e29435f2ae66e388d0f6e5c42132417 Loading...

	bjxdoor.com/template/BR1/js/jquery.base.js	6.2 kB	2023-03-07	2024-04-15
Pretty URL bjxdoor.com/template/BR1/js/jquery.base.js IP 156.226.105.239 ASN #133201 ABCDE GROUP COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:43 Last Seen2024-04-15 00:35:26 Times Seen455 Hash 7dd97001deea74d115f872b7740cd22e a86c571eae72507e3f79372013697c9c52a9441c 112ff0c6c579997b6ecf3da09f307165ed89abe3705a7f0124d7f88cfe3c52b8 Loading...

	bjxdoor.com/static/js/jquery.lazyload.js	2.2 kB	2023-03-07	2024-01-14
Pretty URL bjxdoor.com/static/js/jquery.lazyload.js IP 156.226.105.239 ASN #133201 ABCDE GROUP COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:34 Last Seen2024-01-14 01:30:52 Times Seen204 Hash 7f6bdaec423516d31efcb1ca68dc0f41 a8a56b4f4b3f43069fcade23bbc717c8a0b2e1a0 b3cb7de10b74a99f823c56745aa07ae79b19cad051eb77de701881c2c3b297ec Loading...

	bjxdoor.com/static/js/jquery.js	93 kB	2023-03-07	2024-04-25
Pretty URL bjxdoor.com/static/js/jquery.js IP 156.226.105.239 ASN #133201 ABCDE GROUP COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:44 Last Seen2024-04-25 21:46:42 Times Seen4830 Hash 383771ef1692bfcc3f2b6917ca985778 a1ce0bfa507f23cc414a9a7634bd73b994bb3b35 20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734 Loading...

	bjxdoor.com/	102 B	2023-03-11	2023-03-11
Pretty URL bjxdoor.com/ IP 156.226.105.239 ASN #133201 ABCDE GROUP COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:48:17 Last Seen2023-03-11 23:48:18 Times Seen1 Hash a43a1dced2a8ed9f03e3ac15a9183a61 495f10679239653e1541a893ffce7edb0bf02a49 5104d398dfd4b7d018de2137901def615a06c68c7bb8381d5c7c18c799dad2fc Loading...

	bjxdoor.com/	254 B	2023-03-09	2023-03-11
Pretty URL bjxdoor.com/ IP 156.226.105.239 ASN #133201 ABCDE GROUP COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:31:27 Last Seen2023-03-11 23:48:18 Times Seen1 Hash 58fd99f8c40830d188b60667e500a0db cb1a97da126af30a671ecaffda01fbb4de20bea8 bbd46adcfefff92ca123a44f34c2dd427036ea2f86a78c6ed5f9128ac85ddbb8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5aabfeb81fda10be5ecf28e2fb952ced	2.1 kB	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:19:43 Last Seen2024-04-26 04:34:07 Times Seen336 Hash 5aabfeb81fda10be5ecf28e2fb952ced 59d85764a8da7a7f048b9c3d0152ea5a84964bc0 f796f924638ba46a6ae1d20cadaf872bc40964b402d497b52458d904f1b9027e Loading...

HTTP Transactions (113)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2783
Expires: Thu, 01 Dec 2022 21:39:03 GMT
Date: Thu, 01 Dec 2022 20:52:40 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 647
Cache-Control: max-age=136159
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 20:52:40 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:41:59 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 20:19:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1971
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9412
Expires: Thu, 01 Dec 2022 23:29:32 GMT
Date: Thu, 01 Dec 2022 20:52:40 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GtTj09pUFSLxljU0259Y5pre7pwMXo25rn22POrEkc9cqJ5/SLa5wPUcdQBsqJ8bscEM4R5NcwB6lnh9FSs0yA==
x-amz-request-id: 6GQWKNWYWBCSR620
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 20:46:26 GMT
age: 374
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 20:52:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 20:08:56 GMT
cache-control: public,max-age=3600
age: 2625
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

bjxdoor.com/

156.226.105.239

200 OK

8.4 kB

URL HTTP/1.1
bjxdoor.com/
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3681), with CRLF line terminators
Size
8.4 kB (8415 bytes)
Hash
803e477e29a1acce9ed29f6e71dccac7
e03892c4826a8e9366793f77e1f803e43ec911b2
120fca560cfaeaa3688b035394b0218676bdf1d6848c21951cd69048e5efdba3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 20:52:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 644
Cache-Control: max-age=131092
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 20:52:41 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:17:33 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

bjxdoor.com/static/css/home.css

156.226.105.239

200 OK

5.9 kB

URL HTTP/1.1
bjxdoor.com/static/css/home.css
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
Unicode text, UTF-8 text, with very long lines (310), with CRLF line terminators
Size
5.9 kB (5898 bytes)
Hash
363ab79bd3cd42fd360bd10229a70042
9bc0232d1b50d5ae9fd981cefaf29324ee7a443d
c000deb565563d05f4285c70b58783e681e8147fd7933ffa9f87b9f93655c0fb

HTTP Headers

GET /static/css/home.css HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 20:52:41 GMT
Content-Type: text/css
Last-Modified: Mon, 08 Jul 2019 02:09:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d22a5ec-5501"
Expires: Fri, 02 Dec 2022 08:52:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

bjxdoor.com/template/BR1/css/style.css

156.226.105.239

200 OK

2.8 kB

URL HTTP/1.1
bjxdoor.com/template/BR1/css/style.css
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
assembler source, Unicode text, UTF-8 text
Size
2.8 kB (2794 bytes)
Hash
30bc449a27cffec22e0de9ee7c0db6bf
7f22bbf377c3505a51ab34b46f8988376eb75e04
1bfa1e919aeb7473040dcc638e5a5c2847fb339883540b2b9894d9a280fd4143

HTTP Headers

GET /template/BR1/css/style.css HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 20:52:41 GMT
Content-Type: text/css
Last-Modified: Mon, 15 Jun 2020 13:14:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ee77430-263f"
Expires: Fri, 02 Dec 2022 08:52:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

push.services.mozilla.com/

52.37.79.227

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.37.79.227:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JPou8OVyyX7Rw4cjnOF/XA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Rt0cJgKJ2svI5ZRjxoPhAeCktXs=

bjxdoor.com/static/js/home.js

156.226.105.239

200 OK

10 kB

URL HTTP/1.1
bjxdoor.com/static/js/home.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
Unicode text, UTF-8 text, with very long lines (2677), with CRLF line terminators
Size
10 kB (10525 bytes)
Hash
cf27875c07ac1742b6554d5c6369812f
d7a01a40e5144cdcd36a8588cbb929e317019a78
a558013b5c70dc000814a5045bd1988aec1ce0552617fbb38f3349b923119440

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/home.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 20:52:41 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Apr 2020 14:28:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ea83d72-994e"
Expires: Fri, 02 Dec 2022 08:52:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

bjxdoor.com/template/BR1/js/jquery.superslide.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/template/BR1/js/jquery.superslide.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /template/BR1/js/jquery.superslide.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:41 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/template/BR1/js/jquery.lazyload.js

156.226.105.239

200 OK

1.0 kB

URL HTTP/1.1
bjxdoor.com/template/BR1/js/jquery.lazyload.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
ASCII text, with very long lines (1625)
Size
1.0 kB (1000 bytes)
Hash
bf2425bba1a58286585a883b427b7e37
c882f6bb9ce1aced0148ae6267212ed2d661b6a4
db4d5d319b7298317e8dba72976392f629c829c38c043025bb459272456d6cc9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /template/BR1/js/jquery.lazyload.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 20:52:41 GMT
Content-Type: application/javascript
Last-Modified: Mon, 02 Dec 2019 14:34:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5de52100-6bb"
Expires: Fri, 02 Dec 2022 08:52:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

bjxdoor.com/template/BR1/js/jquery.base.js

156.226.105.239

200 OK

2.2 kB

URL HTTP/1.1
bjxdoor.com/template/BR1/js/jquery.base.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
Unicode text, UTF-8 text
Size
2.2 kB (2221 bytes)
Hash
e0bc5c26ea7f84a654cd7f3eadded5bc
eb806caf087af4435e03cd5701600d9dcf67f695
da42ceceb9a32cd547126d1d67ef79d7ec1f52cfdcd126a76815945bfa24e8a7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /template/BR1/js/jquery.base.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 20:52:41 GMT
Content-Type: application/javascript
Last-Modified: Mon, 02 Dec 2019 14:34:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5de52100-1835"
Expires: Fri, 02 Dec 2022 08:52:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4881577d00b05f9779ae2e40fa53e747
98901891cfb91b861f0a336d41fae077df3eab4b
957116a5e4c83086b780e34b12e7c7746cc5d68da76982171728f58d1c9aab47

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 22:57:54 GMT
Expires: Tue, 06 Dec 2022 22:57:53 GMT
Etag: "98901891cfb91b861f0a336d41fae077df3eab4b"
Cache-Control: max-age=438910,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772eb5425c280b61-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4881577d00b05f9779ae2e40fa53e747
98901891cfb91b861f0a336d41fae077df3eab4b
957116a5e4c83086b780e34b12e7c7746cc5d68da76982171728f58d1c9aab47

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 22:57:54 GMT
Expires: Tue, 06 Dec 2022 22:57:53 GMT
Etag: "98901891cfb91b861f0a336d41fae077df3eab4b"
Cache-Control: max-age=438910,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772eb5426f34b52d-OSL

bjxdoor.com/template/BR1/js/jquery.min.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/template/BR1/js/jquery.min.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /template/BR1/js/jquery.min.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:41 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/static/js/jquery.js

156.226.105.239

200 OK

37 kB

URL HTTP/1.1
bjxdoor.com/static/js/jquery.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
ASCII text, with very long lines (32089), with CRLF line terminators
Size
37 kB (36748 bytes)
Hash
cb8b32d2a46a250954f981780ea7d0d3
149d7140bb977c0ea043397cd72f067e56974692
080e5c45daae1e54faf78ecb600d5bd6680e7889343ebf220f94b6b9a343beae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/jquery.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 20:52:41 GMT
Content-Type: application/javascript
Last-Modified: Sun, 10 Mar 2019 13:12:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5c850d52-169d9"
Expires: Fri, 02 Dec 2022 08:52:41 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

bjxdoor.com/js/1.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/1.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/1.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/js/2.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/2.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/2.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/js/piaofu.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/piaofu.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/piaofu.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/js/4.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/4.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/4.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/js/duilian.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/duilian.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/duilian.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/static/js/jquery.lazyload.js

156.226.105.239

200 OK

747 B

URL HTTP/1.1
bjxdoor.com/static/js/jquery.lazyload.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
ASCII text, with very long lines (2230), with CRLF line terminators
Size
747 B (747 bytes)
Hash
51bc439737d248eeaa9c42758e5c6b4f
a93e2cf688564063a325704c0f35a66edb0b3e20
cae2d23160e178f39804d4d3d13ce98d231a34871baf6111e4714c52653f10b1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/jquery.lazyload.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: application/javascript
Last-Modified: Sun, 10 Mar 2019 13:12:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5c850d52-8ba"
Expires: Fri, 02 Dec 2022 08:52:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

bjxdoor.com/static/js/jquery.autocomplete.js

156.226.105.239

200 OK

6.4 kB

URL HTTP/1.1
bjxdoor.com/static/js/jquery.autocomplete.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with CRLF line terminators
Size
6.4 kB (6356 bytes)
Hash
d9f67b358ecd6dc03fc709356018ab11
11a75063c50de09d8a323dc8bb93c194729055c0
d1f6fa1324f9b17b39672b105b95aa7792ab1a5e10a5a95e625f26b0c1b0a801

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/js/jquery.autocomplete.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: application/javascript
Last-Modified: Sun, 10 Mar 2019 13:12:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5c850d52-64a8"
Expires: Fri, 02 Dec 2022 08:52:42 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

img.ywtuchuang2.com/upload/vod/20221201-1/dee7e89c414569f6cadb7cfe2f8724f7.jpg

154.12.54.74

200 OK

10 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/dee7e89c414569f6cadb7cfe2f8724f7.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10533 bytes)
Hash
82f865fc565637a6522fa21a71dcbdd5
d8fc5d4bb2dc70b3cd0330c7d13c7597ba43674e
52517e0c27190ed9def921b9ef684cdbea1fa4dad08db1c964153570ccdb56c3

HTTP Headers

GET /upload/vod/20221201-1/dee7e89c414569f6cadb7cfe2f8724f7.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: image/jpeg
Content-Length: 10533
Last-Modified: Wed, 30 Nov 2022 16:10:23 GMT
Connection: keep-alive
ETag: "6387806f-2925"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/b283b95806197e267035621a46983529.jpg

154.12.54.74

200 OK

6.5 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/b283b95806197e267035621a46983529.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.5 kB (6520 bytes)
Hash
1c3d13492f7282f1a53083ecd577d133
f0ee495b1d63c81b89119c303a9b67af435552fa
839662664e46340034854dcc8d579209742a7525f10c025e9055fd53069b08d1

HTTP Headers

GET /upload/vod/20221201-1/b283b95806197e267035621a46983529.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: image/jpeg
Content-Length: 6520
Last-Modified: Wed, 30 Nov 2022 16:10:54 GMT
Connection: keep-alive
ETag: "6387808e-1978"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17027
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 20:52:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17027
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 20:52:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17027
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 20:52:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17027
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 20:52:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17027
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 20:52:42 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12898 bytes)
Hash
820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 83002
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8740 bytes)
Hash
26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 12:31:43 GMT
age: 30059
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13411 bytes)
Hash
328ce221bcf3442f88d09373193ff594
63bfa2ea925aa2c188c664a7bf7af7b0e5417e60
21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13411
x-amzn-requestid: 17fcc4e1-76c1-4eca-9235-c1a513bca24a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80FCQoAMFs1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-26da4f265d74215f31425eb9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MttRByNp1C1ZeFFicFVa0w3XRyXJnUycPy2Izk8hzGEgXGdDqD3L3A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:17 GMT
age: 83065
etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4762 bytes)
Hash
d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: b7c0e28a-de0d-443d-8bf4-900a964bf110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uSFcMoAMF2CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc1-7abade3a670201cf1906b79f;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gZSkafSw8cXo9AChLOTVJW7r_hHLW8kaHlA-ED2_zFJwuUk1uS3VRw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:29:36 GMT
age: 26586
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 10:48:24 GMT
age: 36258
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16038 bytes)
Hash
ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 83229
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8092.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8092.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8092.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/template/BR1/js/jquery.superslide.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/template/BR1/js/jquery.superslide.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /template/BR1/js/jquery.superslide.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8089.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8089.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8089.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma7756.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma7756.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma7756.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8094.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8094.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8094.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma7757.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma7757.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma7757.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

img.ywtuchuang2.com/upload/vod/20221201-1/9eb51e6297647e21db1649c3a5b496b0.jpg

154.12.54.74

200 OK

10 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/9eb51e6297647e21db1649c3a5b496b0.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10182 bytes)
Hash
8cd426fd050729c00c031d963bf560d8
b50f4ee6718d60d943a370badcd494f423c865ab
36d2d0e0194ece8548b4bbe6f88cdf3078d4afa1b48e95cee93b0379cf1458d6

HTTP Headers

GET /upload/vod/20221201-1/9eb51e6297647e21db1649c3a5b496b0.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: image/jpeg
Content-Length: 10182
Last-Modified: Wed, 30 Nov 2022 16:09:08 GMT
Connection: keep-alive
ETag: "63878024-27c6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/1d7fd9515ee98e74c1ab10217103f704.jpg

154.12.54.74

200 OK

8.5 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/1d7fd9515ee98e74c1ab10217103f704.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.5 kB (8450 bytes)
Hash
b7c31c31d83091000710663ec9d9e25a
6f1ec35bcff80565c55b4054cc17ae95bc33550d
b67cb3468e2f424a0ad2eb79dcf07c968a70561a53cf62863f351d307f4e3ed9

HTTP Headers

GET /upload/vod/20221201-1/1d7fd9515ee98e74c1ab10217103f704.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:42 GMT
Content-Type: image/jpeg
Content-Length: 8450
Last-Modified: Wed, 30 Nov 2022 16:08:41 GMT
Connection: keep-alive
ETag: "63878009-2102"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/dffae504b98b77cd69237c364d825041.jpg

154.12.54.74

200 OK

10 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/dffae504b98b77cd69237c364d825041.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10054 bytes)
Hash
e49da1e8afd4f35aa3755df6f5ec93c1
35d18e24c4c3d59f526857966e15bb87a61e55a7
58c32f10813581c730118613a36e20940ae0057ba75e638e0c37468277271848

HTTP Headers

GET /upload/vod/20221201-1/dffae504b98b77cd69237c364d825041.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 10054
Last-Modified: Wed, 30 Nov 2022 16:10:55 GMT
Connection: keep-alive
ETag: "6387808f-2746"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/808b09eefdf99524e520b806232a7e15.jpg

154.12.54.74

200 OK

8.4 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/808b09eefdf99524e520b806232a7e15.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.4 kB (8358 bytes)
Hash
77125e201bacd16d3eb56cc142204f5c
55d50b56fea25591202db05e5d118abc63f6496b
a516ef4ad1d1e176012c4ced335950f51f4b6588c79d0c0e5d31a0d2e9a05c73

HTTP Headers

GET /upload/vod/20221201-1/808b09eefdf99524e520b806232a7e15.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 8358
Last-Modified: Wed, 30 Nov 2022 16:10:01 GMT
Connection: keep-alive
ETag: "63878059-20a6"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/97aa70b26392984fe7e9d7017b92e193.jpg

154.12.54.74

200 OK

13 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/97aa70b26392984fe7e9d7017b92e193.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
13 kB (13268 bytes)
Hash
6351165fbf70274a5a55fbbae6464f08
c1276f0d84538b113be29368938a1eed6ccd1047
b5bd7c7b821493c0ef74d50102339dcea66532805d74d7c25eb08925609a9ab5

HTTP Headers

GET /upload/vod/20221201-1/97aa70b26392984fe7e9d7017b92e193.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 13268
Last-Modified: Wed, 30 Nov 2022 16:09:00 GMT
Connection: keep-alive
ETag: "6387801c-33d4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/5ddf2e24cf7fbd4e6d47a0935a8a850f.jpg

154.12.54.74

200 OK

16 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/5ddf2e24cf7fbd4e6d47a0935a8a850f.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
16 kB (15804 bytes)
Hash
a0a289ac5692ecdaff4452f08431608e
0469803a47a8cca5e88c8d55fc7f4ea9f64cc57e
a9e7e1a1662d3ca302868f08a26675725bf5b6b14bf16de5a4833b0f273d9804

HTTP Headers

GET /upload/vod/20221201-1/5ddf2e24cf7fbd4e6d47a0935a8a850f.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 15804
Last-Modified: Wed, 30 Nov 2022 16:10:56 GMT
Connection: keep-alive
ETag: "63878090-3dbc"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/7fc21444126fddd4fd063210037ec930.jpg

154.12.54.74

200 OK

10 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/7fc21444126fddd4fd063210037ec930.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10519 bytes)
Hash
5e795ae3c59b82f34caa13022381a540
55dc408a7480051f03dfc1e3aecc2c7aeec0a545
c7eb152cc82dd4347c3f98225667db09b67c869d6bd4efdf6becf3db49094b38

HTTP Headers

GET /upload/vod/20221201-1/7fc21444126fddd4fd063210037ec930.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 10519
Last-Modified: Wed, 30 Nov 2022 16:10:54 GMT
Connection: keep-alive
ETag: "6387808e-2917"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/12d8e10511ebfc87d3fc8d276e413dd0.jpg

154.12.54.74

200 OK

7.7 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/12d8e10511ebfc87d3fc8d276e413dd0.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
7.7 kB (7698 bytes)
Hash
c77eb1a425c51533d78bc9238770c021
45035dc3a8355ee12ce62d5305c2483169471fc5
2512e078414bf144d8d1dfdfbbca68f40909ccb0ed8bcaabff79c54033e02fc7

HTTP Headers

GET /upload/vod/20221201-1/12d8e10511ebfc87d3fc8d276e413dd0.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 7698
Last-Modified: Wed, 30 Nov 2022 16:10:03 GMT
Connection: keep-alive
ETag: "6387805b-1e12"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26612.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26612.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26612.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26608.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26608.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26608.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/template/BR1/js/jquery.min.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/template/BR1/js/jquery.min.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /template/BR1/js/jquery.min.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26613.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26613.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26613.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26619.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26619.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26619.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26602.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26602.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26602.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

img.ywtuchuang2.com/upload/vod/20221201-1/7c71e3b45aeb6760a480b16f79efed54.jpg

154.12.54.74

200 OK

5.2 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/7c71e3b45aeb6760a480b16f79efed54.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.2 kB (5151 bytes)
Hash
eaa05326f11ef3f3b68c37fd0701dff3
edcd3fc77a2e7ae30e2e03703e607d89e6bc1501
daedc0bd00f4309236884625435a0971df9101e8fd9066ba94693f16450231fc

HTTP Headers

GET /upload/vod/20221201-1/7c71e3b45aeb6760a480b16f79efed54.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 5151
Last-Modified: Wed, 30 Nov 2022 16:08:44 GMT
Connection: keep-alive
ETag: "6387800c-141f"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/9c1fbfb454bb0959c3449d9ab27240f1.jpg

154.12.54.74

200 OK

13 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/9c1fbfb454bb0959c3449d9ab27240f1.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
13 kB (12678 bytes)
Hash
d59c7340df53a821e6aa6b33123b7041
07d43b0918883a897e58a33e98582d0f4b81d5b2
dbc2e97aa29a43516e6658d70b03eecf5d9c8495b5285f47642276f8e75dd080

HTTP Headers

GET /upload/vod/20221201-1/9c1fbfb454bb0959c3449d9ab27240f1.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 12678
Last-Modified: Wed, 30 Nov 2022 16:09:07 GMT
Connection: keep-alive
ETag: "63878023-3186"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/0d7883abc0ac420424fd1b71b91acf8e.jpg

154.12.54.74

200 OK

5.5 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/0d7883abc0ac420424fd1b71b91acf8e.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
5.5 kB (5511 bytes)
Hash
038a4b581ad1f8161c19537a818954ff
1eb7df8023ba67211a0cbd5794ee44e5581ea301
c427989ffec1a693c114c9af3583c5e38c8ba41a4a914d07f804dc5f2aead6ef

HTTP Headers

GET /upload/vod/20221201-1/0d7883abc0ac420424fd1b71b91acf8e.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 5511
Last-Modified: Wed, 30 Nov 2022 16:10:54 GMT
Connection: keep-alive
ETag: "6387808e-1587"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/6c962e78e86bf32a5d978478b5b369ac.jpg

154.12.54.74

200 OK

9.3 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/6c962e78e86bf32a5d978478b5b369ac.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.3 kB (9306 bytes)
Hash
436c43b7346c8a37a804730b4e9b06f1
4032404c29ce8212efb3126e8376be1eaca48e6e
f0108d21cf67fcefa2ce9d5763790c0de38f38053ef91e9d1df42902db012cd3

HTTP Headers

GET /upload/vod/20221201-1/6c962e78e86bf32a5d978478b5b369ac.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 9306
Last-Modified: Wed, 30 Nov 2022 16:10:53 GMT
Connection: keep-alive
ETag: "6387808d-245a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/f0040fcf1eb1b9b28736c9aaabe36315.jpg

154.12.54.74

200 OK

5.4 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/f0040fcf1eb1b9b28736c9aaabe36315.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.4 kB (5429 bytes)
Hash
09960c451943cdf09c6b9d4eaf73e370
6aac6a67bdfe30aa1efdf1b5309e56359b868c15
5acb1909bfbef43f3279f1e80b1ad8214f4ada215b3bd153606421068bc519af

HTTP Headers

GET /upload/vod/20221201-1/f0040fcf1eb1b9b28736c9aaabe36315.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 5429
Last-Modified: Wed, 30 Nov 2022 16:09:08 GMT
Connection: keep-alive
ETag: "63878024-1535"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/36bac31cc4e96124193064490060bd6e.jpg

154.12.54.74

200 OK

7.2 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/36bac31cc4e96124193064490060bd6e.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.2 kB (7153 bytes)
Hash
e569933b0c4fbf96485267eeb0c846f1
ce36bfa5ea56203bdfc4640bc7b2e3bfe38446d1
3167e1ec3665c041cd0e77262308d9c360a623945055a60d673b0b8ab991f441

HTTP Headers

GET /upload/vod/20221201-1/36bac31cc4e96124193064490060bd6e.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 7153
Last-Modified: Wed, 30 Nov 2022 16:10:56 GMT
Connection: keep-alive
ETag: "63878090-1bf1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/8f9507be2b6ae0b25823c1c521cff5cf.jpg

154.12.54.74

200 OK

6.8 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/8f9507be2b6ae0b25823c1c521cff5cf.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.8 kB (6771 bytes)
Hash
c09b069340b7d5ae0a0eb1a61c943f43
4b1bf1cbe4e9635f42af3328b482d8189051c33d
2edd3da96c5dd6ec44e2d7bb820d19998ad64234e421295e3884bfb90243f6bf

HTTP Headers

GET /upload/vod/20221201-1/8f9507be2b6ae0b25823c1c521cff5cf.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 6771
Last-Modified: Wed, 30 Nov 2022 16:10:23 GMT
Connection: keep-alive
ETag: "6387806f-1a73"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

img.ywtuchuang2.com/upload/vod/20221201-1/b2676d8220a674bf4acac5a92808facb.jpg

154.12.54.74

200 OK

11 kB

URL HTTP/1.1
img.ywtuchuang2.com/upload/vod/20221201-1/b2676d8220a674bf4acac5a92808facb.jpg
IP
154.12.54.74:0
ASN
#22769 DDOSING-BGP-NETWORK

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
11 kB (11417 bytes)
Hash
35a9e953a329e36141581a4bc6fc2a42
f3da3efd2970f42d87aa92fb4624309a0c64907f
e7a3b1b0b71abc62c8a9f51c76bd17fa4392c5e063fe9f49c4e29eb107d04038

HTTP Headers

GET /upload/vod/20221201-1/b2676d8220a674bf4acac5a92808facb.jpg HTTP/1.1
Host: img.ywtuchuang2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: image/jpeg
Content-Length: 11417
Last-Modified: Wed, 30 Nov 2022 16:11:04 GMT
Connection: keep-alive
ETag: "63878098-2c99"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-01/159622573216.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-01/159622573216.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-01/159622573216.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-06/15966819333.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-06/15966819333.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-06/15966819333.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/js/1.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/1.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/1.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26606.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26606.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/zwzm26606.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1016.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1016.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1016.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1018.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1018.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1018.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/Vf1gOwU3/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/Vf1gOwU3/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/Vf1gOwU3/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/js/2.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/2.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/2.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1011.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1011.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1011.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1003.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1003.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/oumei1003.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/u0SZBpZG/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/u0SZBpZG/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/u0SZBpZG/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/s4KygPIp/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/s4KygPIp/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/s4KygPIp/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/K1rkcwtf/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/K1rkcwtf/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/K1rkcwtf/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/js/piaofu.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/piaofu.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/piaofu.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/NzaDLPNF/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/NzaDLPNF/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/NzaDLPNF/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/3PnsYsSM/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/3PnsYsSM/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/3PnsYsSM/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:43 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/6dxAgS9N/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/6dxAgS9N/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/6dxAgS9N/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/SoRuoUO2/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/SoRuoUO2/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/SoRuoUO2/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-07-23/15954495714.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-07-23/15954495714.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-07-23/15954495714.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/Vf1gOwU3/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/Vf1gOwU3/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/Vf1gOwU3/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/jIF504mL/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/jIF504mL/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/jIF504mL/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/u0SZBpZG/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/u0SZBpZG/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/u0SZBpZG/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/s4KygPIp/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/s4KygPIp/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/s4KygPIp/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/js/4.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/4.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/4.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/K1rkcwtf/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/K1rkcwtf/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/K1rkcwtf/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/UAotcD94/1.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/UAotcD94/1.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/uptu/20221127/UAotcD94/1.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-01/15962257328.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-01/15962257328.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-01/15962257328.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-07-25/15956165803.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-07-25/15956165803.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-07-25/15956165803.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-04/159648197513.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-04/159648197513.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-04/159648197513.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8092.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8092.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8092.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-09/159693560318.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-09/159693560318.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-08-09/159693560318.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8094.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8094.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma8094.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma7756.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma7756.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/wuma7756.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/js/duilian.js

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/js/duilian.js
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/duilian.js HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-07-25/15956165791.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-07-25/15956165791.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/upload/vod/2020-07-25/15956165791.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10575.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10575.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10575.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10578.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10578.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10578.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10574.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10574.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10574.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10579.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10579.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10579.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10571.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10571.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10571.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:45 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10572.jpg

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10572.jpg
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /img.php?url=https://ddcdn.pic-726-baidu.com/images/2022/11/30/guochan10572.jpg HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:45 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
61aaa9c113389727a15c3d4b9832c993
b8327e4bfdf09cd0679599af397c6f6ddd24b3cd
c485c7350b2ac4544c1c6f5497c5d49acd43b987c1475f370ad5a8f4e2b2e530

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 20:52:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 05 Dec 2022 18:48:02 GMT
ETag: "b8327e4bfdf09cd0679599af397c6f6ddd24b3cd"
Last-Modified: Thu, 01 Dec 2022 18:48:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2888
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772eb5592c2cfac4-OSL

bjxdoor.com/static/css/favicon.ico

156.226.105.239

404 Not Found

146 B

URL HTTP/1.1
bjxdoor.com/static/css/favicon.ico
IP
156.226.105.239:0
ASN
#133201 ABCDE GROUP COMPANY LIMITED

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /static/css/favicon.ico HTTP/1.1
Host: bjxdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bjxdoor.com/

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 20:52:45 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

hm.baidu.com/hm.js?4d3b24b6f55a241b21c390862d02b475

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?4d3b24b6f55a241b21c390862d02b475
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
65d5d6b3aac65f250427d0c7d157a41a
3d2068fd3798e9a6e1e1f4738f0f96d533ea7125
a3421fc2f8a8284c1afd674075f2a83bf6d3f1ede3acbf24026c9d0c0794c7b4

HTTP Headers

GET /hm.js?4d3b24b6f55a241b21c390862d02b475 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Thu, 01 Dec 2022 20:52:46 GMT
Etag: 78d0685e79fb57eb89d8f59ca1b6b71c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5CB3749FC83EA86B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=422553435&si=4d3b24b6f55a241b21c390862d02b475&v=1.3.0&lv=1&sn=30630&r=0&ww=1280&u=http%3A%2F%2Fbjxdoor.com%2F&tt=%E6%AC%A7%E7%BE%8E%E6%97%A5%E9%9F%A9%E4%B8%80%E9%81%93%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=422553435&si=4d3b24b6f55a241b21c390862d02b475&v=1.3.0&lv=1&sn=30630&r=0&ww=1280&u=http%3A%2F%2Fbjxdoor.com%2F&tt=%E6%AC%A7%E7%BE%8E%E6%97%A5%E9%9F%A9%E4%B8%80%E9%81%93%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=422553435&si=4d3b24b6f55a241b21c390862d02b475&v=1.3.0&lv=1&sn=30630&r=0&ww=1280&u=http%3A%2F%2Fbjxdoor.com%2F&tt=%E6%AC%A7%E7%BE%8E%E6%97%A5%E9%9F%A9%E4%B8%80%E9%81%93%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bjxdoor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 01 Dec 2022 20:52:47 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BC293E8889477106; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations