Overview

URL gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1
IP203.195.137.159
ASNShenzhen Tencent Computer Systems Company Limited
Location China
Report completed2022-10-03 20:38:19 UTC
StatusLoading report..
urlquery Alerts Phishing - DHL


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/js.cookie.js Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/jquery-lang.js Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/DHL_head.html Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/DHL_footer.html Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/load.php Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/langpack/en.json Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/langpack/en.json Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/DHL_track.html Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/jquery.validate.min.js Phishing
2022-10-03 2 gxjjcn.com/hyi/-/dir/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (14)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 52.13.69.101
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.225
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 14:54:54 UTC 143.204.55.27
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-03 14:59:45 UTC 142.250.74.106
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-03 13:17:20 UTC 93.184.220.29
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-03 09:28:27 UTC 69.16.175.10
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-03 09:28:50 UTC 104.18.21.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.25
mnemonic passive DNS gxjjcn.com (17) 0 2021-01-31 11:40:14 UTC 2022-10-03 05:26:22 UTC 203.195.137.159 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 14:02:45 UTC 34.120.237.76
mnemonic passive DNS ipinfo.io (2) 8136 2015-02-06 06:58:53 UTC 2022-10-03 13:56:44 UTC 34.117.59.81
mnemonic passive DNS cdn.jsdelivr.net (2) 439 2012-09-30 00:15:09 UTC 2022-10-03 14:22:39 UTC 151.101.85.229


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 203.195.137.159

Date UQ / IDS / BL URL IP
2022-10-09 22:41:04 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/05c4740d7c9e17aa27937dc0 (...) 203.195.137.159
2022-10-09 22:40:41 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/3f068e76ef8a3ffbb4e169de (...) 203.195.137.159
2022-10-09 22:40:03 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/474f04e02fee6b92bf2256f5 (...) 203.195.137.159
2022-10-09 10:19:40 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/4bc6a44397fe50b0ff16c83b (...) 203.195.137.159
2022-10-09 10:19:23 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/988d36fc90790312f50b9f50 (...) 203.195.137.159

Last 5 reports on ASN: Shenzhen Tencent Computer Systems Company Limited

Date UQ / IDS / BL URL IP
2022-12-03 20:57:04 +0000
0 - 0 - 1 101.43.220.78/DNF.exe 101.43.220.78
2022-12-03 20:30:57 +0000
0 - 0 - 1 43.143.131.83/dnf.exe 43.143.131.83
2022-12-03 17:37:37 +0000
0 - 0 - 2 101.43.220.78/dnf.exe 101.43.220.78
2022-12-03 15:21:20 +0000
0 - 0 - 18 118.24.96.93/index.php?m=user 118.24.96.93
2022-12-03 07:26:41 +0000
0 - 0 - 10 82.157.27.246/ 82.157.27.246

Last 5 reports on domain: gxjjcn.com

Date UQ / IDS / BL URL IP
2022-10-09 22:41:04 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/05c4740d7c9e17aa27937dc0 (...) 203.195.137.159
2022-10-09 22:40:41 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/3f068e76ef8a3ffbb4e169de (...) 203.195.137.159
2022-10-09 22:40:03 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/474f04e02fee6b92bf2256f5 (...) 203.195.137.159
2022-10-09 10:19:40 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/4bc6a44397fe50b0ff16c83b (...) 203.195.137.159
2022-10-09 10:19:23 +0000
4 - 0 - 31 gxjjcn.com/hyi/-/dir/988d36fc90790312f50b9f50 (...) 203.195.137.159

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-12 15:56:11 +0000
17 - 0 - 15 diretoriodeartistas.com/Ven-C404/_/dir/93772f (...) 43.156.100.63
2022-11-12 15:55:31 +0000
20 - 0 - 17 diretoriodeartistas.com/Ven-C404/_/dir/6d1b54 (...) 43.156.100.63
2022-11-12 15:55:08 +0000
18 - 0 - 15 diretoriodeartistas.com/Ven-C404/_/dir/570989 (...) 43.156.100.63
2022-11-12 15:54:49 +0000
18 - 0 - 15 diretoriodeartistas.com/Ven-C404/_/dir/c083b7 (...) 43.156.100.63
2022-11-12 15:54:28 +0000
22 - 0 - 19 diretoriodeartistas.com/Ven-C404/_/dir/310c23 (...) 43.156.100.63


JavaScript

Executed Scripts (14)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (42)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5008
Expires: Mon, 03 Oct 2022 22:01:36 GMT
Date: Mon, 03 Oct 2022 20:38:08 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 19:46:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _0jxO2R3oaed11tu8OewnZIsm6xYvr9xc6PCYqeglOm4yIeS59Z1Uw==
Age: 3077


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0CQdLSOtHCJJybPOHS2zWWgmv_nEiMDDFzXAKGt6NNlQT_k8FIrgqw==
age: 54581
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 03 Oct 2022 20:38:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1 HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:08 GMT
Last-Modified: Mon, 03 Oct 2022 06:17:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633a7e6e-1f52"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1917
Md5:    ac663b6b2014a63c2d60f68d0b2e201a
Sha1:   e90553ea100be3c4e570dba5e5f6626aa5de94f9
Sha256: 94d60149ca27c4663d089612ffff0ccdc303f89e80ef688b5f6a3532c436f4d9
                                        
                                            GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/

                                         
                                         142.250.74.106
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32954
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 03 Oct 2022 11:46:51 GMT
Expires: Tue, 03 Oct 2023 11:46:51 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Age: 31878


--- Additional Info ---
Magic:  ASCII text, with very long lines (32072)
Size:   32954
Md5:    d38e2944bbc9ae54b8947a2bd0b9a932
Sha1:   782a825679b248d38979c2d7ecae257873344437
Sha256: 65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
                                        
                                            GET /jquery-3.5.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gxjjcn.com
Connection: keep-alive
Referer: http://gxjjcn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 03 Oct 2022 20:38:09 GMT
content-encoding: gzip
content-length: 30879
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664829489.dop001.sk1.t,1664829489.cds224.sk1.hn,1664829489.cds208.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30879
Md5:    3700d0b271343804b9b9aa1c13efa521
Sha1:   3d6b03dbd74872ca3dfbb0529f6c80943788f918
Sha256: fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 20:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 21:03:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2OVgVZMvWro_NO5I_vTybKZ4NZeyepfY7LWRJbLLU-KS2-ED1sl7HQ==
Age: 516


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /hyi/-/dir/dist/js.cookie.js HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:09 GMT
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-d60"
Expires: Tue, 04 Oct 2022 08:38:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1459
Md5:    c2b8a5ec7feab55c9367484bf1a827b8
Sha1:   3235843155f4895895a3c82bc486cb7cf04d0293
Sha256: 462e9b036ef7da2ce8ac4afce22db9f437fd7a061a643e885acf303acfe23600

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 521
Cache-Control: 'max-age=158059'
Date: Mon, 03 Oct 2022 20:38:09 GMT
Last-Modified: Mon, 03 Oct 2022 20:29:28 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /hyi/-/dir/dist/jquery-lang.js HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:09 GMT
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-6c2d"
Expires: Tue, 04 Oct 2022 08:38:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   8035
Md5:    ea15f345d5b4c6c29679113a0760a048
Sha1:   efc848d46e044e487d28df111e35cc84baf2be95
Sha256: eb82846df5ab3495a4aa3567562bb43dc52983f808f0d0dd15e4950f3a259068

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tQGZgxECsIr7Doir3kQBtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.13.69.101
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dD2l68/gf8sL1dvQz8AiYfIqfhs=

                                        
                                            GET /hyi/-/dir/dist/dhl.css HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:09 GMT
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-15b189"
Expires: Tue, 04 Oct 2022 08:38:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1148), with CRLF line terminators
Size:   363584
Md5:    1173a779603e4bb35745ed92a25a1ad7
Sha1:   5a922c9e379676611381e2fa5fdff353b1823a89
Sha256: b71c0c9eda07ed2f929ddfd5e3ca9c3919a122d8297785834dafffa3c6611c35
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11541
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 20:38:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11541
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 20:38:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11541
Expires: Mon, 03 Oct 2022 23:50:31 GMT
Date: Mon, 03 Oct 2022 20:38:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 82363
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8158
Md5:    721a8d8f94c3796abf021978fcdbc831
Sha1:   3fc3aeae907a0ce0db21753c67c1000681e48b8e
Sha256: cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 57319
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dOlitYNRYQsyiYLagdUWS2MmO34k8otqQ5yKZ7f4zzbj1HxhAzZoqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:43 GMT
age: 82407
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10839
Md5:    36debc920b17e124779c01af9101a59e
Sha1:   b105f7bf041365d644c98c7e11ffa75e4656d29d
Sha256: f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8279
x-amzn-requestid: fed6efac-3419-4ecc-89f8-d4c3e0c22915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWbsHpBIAMFT1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044a-5fc3bf5b7126d4a835d93e3d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7g6tucmoqeX5RFtet3L9XllP1G6fx4RWt5XqTsVvhtxZnPxV0EVpqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:57:37 GMT
age: 81633
etag: "ced4806b7cc4d08e2c3f1c5e591184f462e86ec2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8279
Md5:    bfb6fbd0b91416a5a7cc7f7d0fcbf27c
Sha1:   ced4806b7cc4d08e2c3f1c5e591184f462e86ec2
Sha256: 9a217da43a32c70ebd39b3076b3c14b16d8931ccebfe5d41139fa706b3b3e149
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 20:14:12 GMT
age: 1438
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8277
Md5:    6a90e53b55500427aed06efa3a9baa8c
Sha1:   43a66cd291d1413d7147a29b2a7b27277a443f0b
Sha256: 2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 82363
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9083
Md5:    523edd86af4757d0bc5fa5b3b8a3596a
Sha1:   8118ee462077c291b9d6f1402b85b55a9ceba8c2
Sha256: c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
                                        
                                            GET /hyi/-/dir/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:10 GMT
Content-Length: 41084
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-a07c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Size:   41084
Md5:    03f859bf58e4d37841070de34be7d978
Sha1:   3436d4fa17e7ee470c3d62b08787cfa7de408408
Sha256: 5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hyi/-/dir/dist/DHL_head.html HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:11 GMT
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-2d05"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1836)
Size:   3449
Md5:    98b5839a1b1be9e91833d552215700f1
Sha1:   3949372c264253e08d55dfb1c088072aa6a98afd
Sha256: f379aba84f69f335ce51665341f2fa7841e2785d4eb450e61e5b7a009fadc071

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hyi/-/dir/dist/DHL_footer.html HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:11 GMT
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-3c69"
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2591)
Size:   6310
Md5:    9af4e72c1ec135c251cce7c69fdc5a13
Sha1:   ed1fe1cc1ab66866578add655566d3da7a1049ef
Sha256: 6dfde0dd027711b3e162b91f9fd092ac5d7ac4a8342621c70d0a518bde927c64

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hyi/-/dir/dist/load.php HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.5
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   1178
Md5:    c81ab15c01444ca14ab575ec887e6efd
Sha1:   336c0c787532534fbe935279de0e263c87dbe683
Sha256: 486bf42cfcdaa1a4fb885273935636932da78691aaabc36ecf2209bfe917972e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /country HTTP/1.1 
Host: ipinfo.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gxjjcn.com/
Origin: http://gxjjcn.com
Connection: keep-alive

                                         
                                         34.117.59.81
HTTP/1.1 302 Found
content-type: text/plain; charset=utf-8
                                        
access-control-allow-origin: *
location: https://ipinfo.io/country
vary: Accept, Accept-Encoding
date: Mon, 03 Oct 2022 20:38:11 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
transfer-encoding: chunked
Via: 1.1 google


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    b79f12127b13f3298b65130f55033eea
Sha1:   0c5df3d4734c5d754f78df4dd08f329ce38ab901
Sha256: 76d7f55bf215f2132f41391f47b4efd048f7c3b61db2b650e2a0a9b4a02d79f0
                                        
                                            POST /s/gts1d4/5QlTZKzjgCw HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 20:38:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hyi/-/dir/dist/favicon.ico HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:11 GMT
Content-Length: 1150
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-47e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    d8106bf3a1d00ab43b01e6e3c92500eb
Sha1:   202b5e8654ab1b28351378293bca3b9d844cc29b
Sha256: 9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
                                        
                                            GET /hyi/-/dir/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:11 GMT
Content-Length: 9316
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-2464"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 9316, version 1.0\012- data
Size:   9316
Md5:    9355df62a665ef9249036bbccad8c54c
Sha1:   6b7779a10187a1a7473f604fbe3db96350868c6a
Sha256: 6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807

Alerts:
  urlquery:
    - Phishing - DHL
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /s/gts1d4/5QlTZKzjgCw HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 20:38:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hyi/-/dir/dist/langpack/en.json HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:11 GMT
Content-Length: 514
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-202"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   514
Md5:    e5111c3d242107acc93f71f9c9182079
Sha1:   c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
Sha256: 86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3

Alerts:
  urlquery:
    - Phishing - DHL
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hyi/-/dir/dist/langpack/en.json HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:11 GMT
Content-Length: 514
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-202"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   514
Md5:    e5111c3d242107acc93f71f9c9182079
Sha1:   c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
Sha256: 86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3

Alerts:
  urlquery:
    - Phishing - DHL
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hyi/-/dir/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:11 GMT
Content-Length: 41328
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-a170"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Size:   41328
Md5:    e39bd2e2657ce5dd6f9c33df18529233
Sha1:   6db81ebb91bfa67cef8f2f870f03046150568799
Sha256: 19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hyi/-/dir/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:11 GMT
Content-Length: 44260
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-ace4"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Size:   44260
Md5:    4a350e02a03ac62e72e9ea575b31ce84
Sha1:   d47b03b96b6e7034a1473a293bb594e597a41dc2
Sha256: 87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hyi/-/dir/dist/DHL_track.html HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1
Cookie: langCookie=en

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:13 GMT
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-196f"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (356)
Size:   2573
Md5:    0c7b7259abc46422f5d830687bbb0c84
Sha1:   4cc31e593f4c41166236fbf37b5bb4c88364df30
Sha256: dbde243b328fc1c7a707a8144a98cb359facd0102c53d176abafc80b8b4748a6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hyi/-/dir/dist/jquery.validate.min.js HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/0bdfc984d37519c3e30ad1a4ffa34244/execution.html?validation=e1s1
Cookie: langCookie=en

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:13 GMT
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6332e3ba-5f38"
Expires: Tue, 04 Oct 2022 08:38:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24237)
Size:   8756
Md5:    0aa2ca51109290ccf21ac5217babbbe1
Sha1:   7ea8f79d4df043f4cdd4db3bfeffe30787c21c5b
Sha256: c157bb061310123c090432240fdb79e6c6f5cd8a4501a87a72495cbe1f593a7c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gxjjcn.com/

                                         
                                         151.101.85.229
HTTP/1.1 301 Moved Permanently
                                        
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Accept-Ranges: bytes
Date: Mon, 03 Oct 2022 20:38:13 GMT
X-Served-By: cache-bma1676-BMA
X-Cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

                                        
                                            GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gxjjcn.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:38:13 GMT
age: 11119699
x-served-by: cache-fra19126-FRA, cache-bma1632-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7503
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21060)
Size:   7503
Md5:    1f61c1b15b25ba046056238766ff3a43
Sha1:   2b8db740e4e913e9dc87a6060dea2a6b17ad0ec8
Sha256: fe78a2c604b4757dd5d114e0efb7e74c8f4acfe840bf6b6c01517205744a7648
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 03 Oct 2022 20:38:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "BA542C41990863435076AC9F30542EFA766F8061"
Expires: Tue, 04 Oct 2022 07:00:00 GMT
Last-Modified: Mon, 03 Oct 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2665
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75487aef0efd1bfe-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    243a40ac4d729ca8b69fd94863f8ec11
Sha1:   a095c023e5509fee51925eda40062235db762ca3
Sha256: 214367cec134c75e66fe261696685eeb67655dbb9d64cc81bb92eb17af6e160c
                                        
                                            GET /hyi/-/dir/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff HTTP/1.1 
Host: gxjjcn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gxjjcn.com/hyi/-/dir/dist/dhl.css
Cookie: langCookie=en

                                         
                                         203.195.137.159
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Server: nginx
Date: Mon, 03 Oct 2022 20:38:13 GMT
Content-Length: 41352
Last-Modified: Tue, 27 Sep 2022 11:51:22 GMT
Connection: keep-alive
ETag: "6332e3ba-a188"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Size:   41352
Md5:    4e23ecf085132857bdb54b4da7373151
Sha1:   a50215c22a591536b21e509100d1707c6886ffd6
Sha256: b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /country HTTP/1.1 
Host: ipinfo.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://gxjjcn.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.59.81
HTTP/2 429 Too Many Requests
content-type: application/json; charset=utf-8
                                        
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
date: Mon, 03 Oct 2022 20:38:11 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---