r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2838
Expires: Mon, 30 Jan 2023 07:23:56 GMT
Date: Mon, 30 Jan 2023 06:36:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ca37afa910427f94609332a501c4b27
ccbfaf6676e779da3d515690271ab19c98ad5b97
e45efae807ea648512d30831704b4c8e1a3ddd0611246333b6c874a9220836bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E45EFAE807EA648512D30831704B4C8E1A3DDD0611246333B6C874A9220836BF"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6219
Expires: Mon, 30 Jan 2023 08:20:17 GMT
Date: Mon, 30 Jan 2023 06:36:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5881
Expires: Mon, 30 Jan 2023 08:14:39 GMT
Date: Mon, 30 Jan 2023 06:36:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6Xp1JHTCoAbwsYMrh6mvuU3pkMEMEXpxVwt71Cth8vI/daVJsCAE2997f6rpua+hyJ/sOM0gd8A=
x-amz-request-id: QVNT07HY1E3QC383
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 05:50:37 GMT
age: 2761
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 42 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f07b0425ba4dc666d0ec15f00938ed34
e89a3c2e07f7629833410a6d21012f9314319cdd
0ac6371de25c3800d5ae8cef89626390c21d204587cd303c1a03441f78b4a42e
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: z87Vwz7N_uk8upoLtEMauiXwBQSJ7mBMX7Gc6UxepbtQfTvjMezUfQ==
content-encoding: gzip
via: 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 06:22:46 GMT
content-type: application/json
content-length: 42005
age: 832
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3426
Expires: Mon, 30 Jan 2023 07:33:44 GMT
Date: Mon, 30 Jan 2023 06:36:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 06:35:42 GMT
content-type: application/json
age: 56
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:36:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
51jmwfgg.com/
154.23.140.86 301 Moved Permanently 147 B IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash e513754e66ebf4f8c642859757edeaa1
d2e2d6132f3cb103216c182c24e1b563cc68f725
2ece68220a9a59a4fd4a91ce639f518ba5a2a4f02b7098f9578864f7b26f3fb0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: 51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: http://www.51jmwfgg.com/
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:18 GMT
Content-Length: 147
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 05:49:04 GMT
age: 2854
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17046
Expires: Mon, 30 Jan 2023 11:20:45 GMT
Date: Mon, 30 Jan 2023 06:36:39 GMT
Connection: keep-alive
push.services.mozilla.com/
52.37.79.227 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uoQ6Il0BSOfVT8DLeGOimA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yhZ1Scj1n7iQjDoYHzpf8mDT+c8=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13068
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13068
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13068
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 06:36:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d200552d23c85c199558b79cc24348f
8cc20b9ce98eeacd5b826268da24955a82e78a01
09b05ae6f75b5141401ddc49014e0eb2eac0856ba3b5020bc85f4a9a64d3d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 9f944a46-7e39-44c3-a640-3c7e9b778bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkoEEkJIAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7cd-4b29196f5bd1b2fb04e6363f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WdAuArY0X2z4d6i17ZJ0521rzGRJS8FtaN-Kqvzg0fqW3F-HptEvNA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:10:01 GMT
age: 30399
etag: "8cc20b9ce98eeacd5b826268da24955a82e78a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 435598df0723ba8070784ee6a8d6de8b
0dab67801b42d738a5074ec3f0489f04c5e6552c
05339073fff5fe4213a38505242c577f579aba68d5c249e8bac10b03d379a2dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aae2b2c-8949-4749-8a9b-24d6a82a5b50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10616
x-amzn-requestid: 809aadb4-f948-41a5-82bc-84a520a5689a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEZIIAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-2c659eae4d513b433aa749e3;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4v4fldiJ0EsLGeNNodBg_GPY8hiq1Yyr5kzBIYyZXuf8bcTZ4CmsHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 31518
etag: "0dab67801b42d738a5074ec3f0489f04c5e6552c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 46844
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8901f99d8e3001e442c887f89e2e650
a61875fcee6c09087462f0443286482d903725bc
d3a69a5bce1852c464755452d7f5a88f0d20fbed14b9f16ac6f539d4d1bfdb21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83495dde-218f-4893-8556-3013e3f83f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5960
x-amzn-requestid: 313f5526-984b-4224-b321-732fe5ae5a7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkl0HimoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-430032d00080eff464e4d574;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TiZDGG_JsgbKWvLfQn_uioEKmxzYKKV8cT9wJ2PntoNPb4r1a2YKtg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:04:24 GMT
age: 30736
etag: "a61875fcee6c09087462f0443286482d903725bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 31518
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:45 GMT
age: 30295
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.51jmwfgg.com/
154.23.140.86 200 OK 15 kB IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (637), with CRLF line terminators
Hash 70c5127c81ef93257cbba9674a87eab3
eb539dbab899cb725779f98b406a4daadff2767c
12a07a43b3bb2b05be2ac510b2affbc98ab3f545a04a92ca8cad6cf65da8bcfd
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server:
Set-Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM; path=/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:19 GMT
Content-Length: 15033
www.51jmwfgg.com/js/jquery.SuperSlide.2.1.js
154.23.140.86 200 OK 4.2 kB URL HTTP/1.1 www.51jmwfgg.com/js/jquery.SuperSlide.2.1.js
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type ASCII text, with very long lines (11042), with CRLF line terminators
Hash 07974cb2c6da5ad9dd915af75e29d595
d8dcfb2a3e42eb7de59b528356233af3c24f8f82
0d44e8e3f4e1b3c7a9c38d034c678502ca9a34500db4d36c09fea55bf85a4c62
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.SuperSlide.2.1.js HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2019 15:32:03 GMT
Accept-Ranges: bytes
ETag: "49f54c81b310d51:0"
Vary: Accept-Encoding
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:19 GMT
Content-Length: 4200
www.51jmwfgg.com/main.css?v=1.0
154.23.140.86 200 OK 5.6 kB URL HTTP/1.1 www.51jmwfgg.com/main.css?v=1.0
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type ISO-8859 text, with CRLF line terminators
Hash 45bd19a3a0143f0f117069cca32d026f
cbc4a08666c0a353bdc1ed824171e4527a033e05
df3c301010fc2fc4a6368dc0e5250141ed14369f994e29a6d07b015078b716d4
Analyzer Verdict Alert fortinet Phishing
GET /main.css?v=1.0 HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 31 Aug 2021 03:28:16 GMT
Accept-Ranges: bytes
ETag: "27a4d83c189ed71:0"
Vary: Accept-Encoding
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:19 GMT
Content-Length: 5618
www.51jmwfgg.com/css/foot.css
154.23.140.86 200 OK 781 B URL HTTP/1.1 www.51jmwfgg.com/css/foot.css
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type ASCII text, with CRLF line terminators
Hash d8c3cf39d624900855565eb1843365b2
c8420ed6f02984476ffdf939716e938a3ef5b261
fc25bcadf2bc83ef748dd54e0640eeea70dbcbdf1d4c36f88bc46a942dc84864
GET /css/foot.css HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2019 15:28:34 GMT
Accept-Ranges: bytes
ETag: "be42135b310d51:0"
Vary: Accept-Encoding
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:20 GMT
Content-Length: 781
js.users.51.la/20057013.js
103.143.19.103 200 OK 2.4 kB URL HTTP/1.1 js.users.51.la/20057013.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document, ASCII text, with very long lines (5068)
Hash 1ac316db64b89677597c3d8285e107e1
02f45932b577896f76d355a7b977bd028f748a3b
cf6a6324c42b461143b329cccf01c93622553c37c22196dc225a8e09003ef1d5
GET /20057013.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
HTTP/1.1 200 OK
Server: CloudWAF
Date: Mon, 30 Jan 2023 06:36:42 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=70d4221db247672f223; path=/
HWWAFSESTIME=1675060600840; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.51jmwfgg.com/js/NSW_Index.js
154.23.140.86 200 OK 60 kB URL HTTP/1.1 www.51jmwfgg.com/js/NSW_Index.js
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (38964), with CRLF line terminators
Hash 2c868d3a712bbbb669f039335dbbb268
a1104de2953593f6e40b36c044b91ee3875341b6
7a0114facde812bfb4f989a10c8a811e14259941c802723e27f83d55418394d0
Analyzer Verdict Alert fortinet Phishing
GET /js/NSW_Index.js HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2019 15:32:05 GMT
Accept-Ranges: bytes
ETag: "136c9382b310d51:0"
Vary: Accept-Encoding
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:19 GMT
Content-Length: 60474
www.51jmwfgg.com/js/jquery-1.7.1.min.js
154.23.140.86 200 OK 42 kB URL HTTP/1.1 www.51jmwfgg.com/js/jquery-1.7.1.min.js
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash f7dc87b1ddafd592a5ac62ff0f02b3cb
61feb59be189c1a87e7476727f3a17a7d52965bd
2b69f0b56c3abae246748f35e17d8743dd53010c98e9b22001fc600ec0b79b9f
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-1.7.1.min.js HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2019 15:32:04 GMT
Accept-Ranges: bytes
ETag: "3934e381b310d51:0"
Vary: Accept-Encoding
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:19 GMT
Content-Length: 42060
ia.51.la/go1?id=20057013&rt=1675060616300&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E8%2581%258A%25E5%259F%258E%25E4%25BD%25B0%25E5%25BC%25BA%25E9%2587%2591%25E5%25B1%259E%25E5%2588%25B6%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8(18863501393)%25E4%25B8%25BB%25E8%2590%25A5%25E4%25B8%259A%25E5%258A%25A1%25E4%25B8%258D&ing=1&ekc=&sid=1675060616300&tt=%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%257C%25E9%2598%25B2%25E6%2592%259E%25E6%258A%25A4%25E6%25A0%258F%257C%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%25E6%258A%25A4%25E6%25A0%258F%257C%25E9%2593%259D%25E5%2590%2588%25E9%2587%2591%25E6%258A%25A4%25E6%25A0%258F%257C%25E8%2581%258A%25E5%259F%258E%25E4%25BD%25B0%25E5%25BC%25BA%25E9%2587%2591%25E5%25B1%259E%25E5%2588%25B6%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%257C%25E9%2598%25B2%25E6%2592%259E%25E6%258A%25A4%25E6%25A0%258F%257C%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%25E6%258A%25A4%25E6%25A0%258F%257C%25E9%2593%259D%25E5%2590%2588%25E9%2587%2591%25E6%258A%25A4%25E6%25A0%258F%257C%25E8%2581%258A%25E5%259F%258E%25E4%25BD%25B0%25E5%25BC%25BA%25E9%2587%2591%25E5%25B1%259E%25E5%2588%25B6%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&cu=http%253A%252F%252Fwww.51jmwfgg.com%252F&pu=
112.90.153.36200 0 B URL HTTP/1.1 ia.51.la/go1?id=20057013&rt=1675060616300&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E8%2581%258A%25E5%259F%258E%25E4%25BD%25B0%25E5%25BC%25BA%25E9%2587%2591%25E5%25B1%259E%25E5%2588%25B6%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8(18863501393)%25E4%25B8%25BB%25E8%2590%25A5%25E4%25B8%259A%25E5%258A%25A1%25E4%25B8%258D&ing=1&ekc=&sid=1675060616300&tt=%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%257C%25E9%2598%25B2%25E6%2592%259E%25E6%258A%25A4%25E6%25A0%258F%257C%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%25E6%258A%25A4%25E6%25A0%258F%257C%25E9%2593%259D%25E5%2590%2588%25E9%2587%2591%25E6%258A%25A4%25E6%25A0%258F%257C%25E8%2581%258A%25E5%259F%258E%25E4%25BD%25B0%25E5%25BC%25BA%25E9%2587%2591%25E5%25B1%259E%25E5%2588%25B6%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%257C%25E9%2598%25B2%25E6%2592%259E%25E6%258A%25A4%25E6%25A0%258F%257C%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%25E6%258A%25A4%25E6%25A0%258F%257C%25E9%2593%259D%25E5%2590%2588%25E9%2587%2591%25E6%258A%25A4%25E6%25A0%258F%257C%25E8%2581%258A%25E5%259F%258E%25E4%25BD%25B0%25E5%25BC%25BA%25E9%2587%2591%25E5%25B1%259E%25E5%2588%25B6%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&cu=http%253A%252F%252Fwww.51jmwfgg.com%252F&pu=
IP 112.90.153.36:0
ASN #136959 China Unicom Guangdong IP network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=20057013&rt=1675060616300&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E8%2581%258A%25E5%259F%258E%25E4%25BD%25B0%25E5%25BC%25BA%25E9%2587%2591%25E5%25B1%259E%25E5%2588%25B6%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8(18863501393)%25E4%25B8%25BB%25E8%2590%25A5%25E4%25B8%259A%25E5%258A%25A1%25E4%25B8%258D&ing=1&ekc=&sid=1675060616300&tt=%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%257C%25E9%2598%25B2%25E6%2592%259E%25E6%258A%25A4%25E6%25A0%258F%257C%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%25E6%258A%25A4%25E6%25A0%258F%257C%25E9%2593%259D%25E5%2590%2588%25E9%2587%2591%25E6%258A%25A4%25E6%25A0%258F%257C%25E8%2581%258A%25E5%259F%258E%25E4%25BD%25B0%25E5%25BC%25BA%25E9%2587%2591%25E5%25B1%259E%25E5%2588%25B6%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%257C%25E9%2598%25B2%25E6%2592%259E%25E6%258A%25A4%25E6%25A0%258F%257C%25E4%25B8%258D%25E9%2594%2588%25E9%2592%25A2%25E5%25A4%258D%25E5%2590%2588%25E7%25AE%25A1%25E6%258A%25A4%25E6%25A0%258F%257C%25E9%2593%259D%25E5%2590%2588%25E9%2587%2591%25E6%258A%25A4%25E6%25A0%258F%257C%25E8%2581%258A%25E5%259F%258E%25E4%25BD%25B0%25E5%25BC%25BA%25E9%2587%2591%25E5%25B1%259E%25E5%2588%25B6%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&cu=http%253A%252F%252Fwww.51jmwfgg.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
HTTP/1.1 200
Content-Length: 0
Date: Mon, 30 Jan 2023 06:36:39 GMT
www.51jmwfgg.com/img/ttbg.jpg
154.23.140.86 200 OK 1.2 kB URL HTTP/1.1 www.51jmwfgg.com/img/ttbg.jpg
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x30, components 3\012- data
Hash 7d24bc3b111a0692f78063af87a5c35f
4358b877601113e196ff37dc86fb13433ebbdb49
50d5be793b983db9dea4cd3c1205e339b573cc189d34b733c4d0b5bffc0c41de
GET /img/ttbg.jpg HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/main.css?v=1.0
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM; __tins__20057013=%7B%22sid%22%3A%201675060616300%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675062416300%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 22 May 2019 15:31:41 GMT
Accept-Ranges: bytes
ETag: "8ffb3a74b310d51:0"
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:25 GMT
Content-Length: 1237
www.51jmwfgg.com/text.txt
154.23.140.86 200 OK 9.7 kB URL HTTP/1.1 www.51jmwfgg.com/text.txt
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
Hash 81a6922fe51de1fc542d332b8222992a
80e4dae59b3e596781eb29e5039589835246aa9f
31c32d36881c0f6ccd7b168292cc934bf1e4f3887a007e3113bed1b7061c6ef8
Analyzer Verdict Alert fortinet Phishing
GET /text.txt HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/main.css?v=1.0
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:25 GMT
Content-Length: 1552
www.51jmwfgg.com/UploadFiles/image/20190522/20190522092448594859.jpg
154.23.140.86 200 OK 0 B URL HTTP/1.1 www.51jmwfgg.com/UploadFiles/image/20190522/20190522092448594859.jpg
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
GET /UploadFiles/image/20190522/20190522092448594859.jpg HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 22 May 2019 15:33:03 GMT
Accept-Ranges: bytes
ETag: "73810a5b310d51:0"
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:25 GMT
Content-Length: 166233
www.51jmwfgg.com/UploadFiles/image/%E7%AB%8B%E6%9F%B1/1%20(9).jpg
154.23.140.86 200 OK 0 B URL HTTP/1.1 www.51jmwfgg.com/UploadFiles/image/%E7%AB%8B%E6%9F%B1/1%20(9).jpg
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
GET /UploadFiles/image/%E7%AB%8B%E6%9F%B1/1%20(9).jpg HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 24 Jul 2021 14:36:19 GMT
Accept-Ranges: bytes
ETag: "2ac768449980d71:0"
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:25 GMT
Content-Length: 153175
www.51jmwfgg.com/UploadFiles/image/%E7%99%BD%E5%BA%95%E5%9B%BE/%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20191011222612.jpg
154.23.140.86 200 OK 0 B URL HTTP/1.1 www.51jmwfgg.com/UploadFiles/image/%E7%99%BD%E5%BA%95%E5%9B%BE/%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20191011222612.jpg
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
GET /UploadFiles/image/%E7%99%BD%E5%BA%95%E5%9B%BE/%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20191011222612.jpg HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 24 Jul 2021 14:31:10 GMT
Accept-Ranges: bytes
ETag: "8c89d48b9880d71:0"
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:25 GMT
Content-Length: 94464
www.51jmwfgg.com/UploadFiles/image/20191102/20191102084520822082.jpg
154.23.140.86 200 OK 0 B URL HTTP/1.1 www.51jmwfgg.com/UploadFiles/image/20191102/20191102084520822082.jpg
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
GET /UploadFiles/image/20191102/20191102084520822082.jpg HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 24 Jul 2021 14:23:38 GMT
Accept-Ranges: bytes
ETag: "a2ece17e9780d71:0"
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:25 GMT
Content-Length: 30918
www.51jmwfgg.com/UploadFiles/image/20190523/20190523074866426642.jpg
154.23.140.86 200 OK 0 B URL HTTP/1.1 www.51jmwfgg.com/UploadFiles/image/20190523/20190523074866426642.jpg
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
GET /UploadFiles/image/20190523/20190523074866426642.jpg HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 24 Jul 2021 14:21:24 GMT
Accept-Ranges: bytes
ETag: "8cec8b2e9780d71:0"
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:25 GMT
Content-Length: 148419
www.51jmwfgg.com/img/banner1.jpg
154.23.140.86 200 OK 0 B URL HTTP/1.1 www.51jmwfgg.com/img/banner1.jpg
IP 154.23.140.86:0
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
GET /img/banner1.jpg HTTP/1.1
Host: www.51jmwfgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.51jmwfgg.com/
Cookie: ASPSESSIONIDACDCRADD=JADHIHKDHJCOCHHJFKMFINGM; __tins__20057013=%7B%22sid%22%3A%201675060616300%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201675062416300%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 24 Jul 2021 14:30:45 GMT
Accept-Ranges: bytes
ETag: "b4342e7d9880d71:0"
Server:
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
X-Powered-By: WAF/2.0
Date: Mon, 30 Jan 2023 06:36:26 GMT
Content-Length: 262507