Report - 106.12.224.4/manage.bz2

Report Overview

Submitted URL
106.12.224.4/manage.bz2
IP
106.12.224.4
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Submitted
2023-01-05 16:20:59
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	49 kB	34.120.237.76
106.12.224.4	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	41 kB	106.12.224.4
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.210.158.59
ocsp.dcocsp.cn	33518	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.8 kB	47.246.44.229
baoxian.dxmstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	249 kB	185.10.104.115
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	13 kB	103.235.46.191
passport.duxiaoman.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	6.2 kB	106.12.226.216
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	2.0 kB	151.101.130.133
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
w1.dxmstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	701 B	58.254.180.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-05	medium	106.12.224.4	Sinkholed
2023-01-05	medium	106.12.224.4	Sinkholed
2023-01-05	medium	106.12.224.4	Sinkholed
2023-01-05	medium	106.12.224.4	Sinkholed
2023-01-05	medium	106.12.224.4	Sinkholed
2023-01-05	medium	106.12.224.4	Sinkholed
2023-01-05	medium	106.12.224.4	Sinkholed
2023-01-05	medium	106.12.224.4	Sinkholed
2023-01-05	medium	106.12.224.4	Sinkholed
2023-01-05	medium	106.12.224.4	Sinkholed

JavaScript (13)

	URL	Size	First Seen	Last Seen
	106.12.224.4/manage.bz2	2.2 kB	2023-03-08	2023-03-26
Pretty URL 106.12.224.4/manage.bz2 IP 106.12.224.4 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-26 08:39:53 Times Seen3 Hash 75a1824a800e1d587f3f5bed665b39a8 1261c2f7b9a4890595f14994bacd2ad80f65ed89 2d8406e9d8e741c39d7142336fa21c7a1414e06123e7585f26e70ab6e130f5c0 Loading...

	baoxian.dxmstatic.com/assets/m/js/jquery.b9ec3c55.chunk.js	89 kB	2023-03-08	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/jquery.b9ec3c55.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-12 18:12:49 Times Seen1 Hash 06cb59acfa4ae5ee58fc26096cdc4887 b5ebb1ca0d7fd7fe80032f751af5e85fa57968f5 d22188e4b0320db9b2e02b39441d04001a134f5366cf11bc70f05f0473bf2ce5 Loading...

	baoxian.dxmstatic.com/assets/m/js/1.146819cd.chunk.js	136 kB	2023-03-08	2023-03-13
Pretty URL baoxian.dxmstatic.com/assets/m/js/1.146819cd.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-13 14:18:23 Times Seen1 Hash a8a0348bf4b478bcc63cdd4f93bf1f8e 87e07d41fd3f7efa6f963286627c59e341ca6bbb b11ab6d872fb2b2b6a1d1b58d6afeb7b37b5cb45fd56762bd804c6295bc4bd53 Loading...

	w1.dxmstatic.com/static/xstatic2/todotask/todotask.1.6.js?r=2021110213	46 kB	2023-03-08	2023-04-17
Pretty URL w1.dxmstatic.com/static/xstatic2/todotask/todotask.1.6.js?r=2021110213 IP 58.254.180.65 ASN #136958 China Unicom Guangdong IP network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-04-17 18:23:03 Times Seen12 Hash fe8f3061fa936e98d539def4a938d366 7fabd5b337d87b58e06ffa5114a50e35147dcd03 4e5cdf8da15f2aa124584d3d3f8b1b63479d75886149ea04c576c51253910e55 Loading...

	106.12.224.4/manage.bz2	37 B	2023-03-12	2023-03-12
Pretty URL 106.12.224.4/manage.bz2 IP 106.12.224.4 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:20:40 Last Seen2023-03-12 15:20:40 Times Seen1 Hash 0380b30c5ca26e3a16a6c528715cfbff c2972b6d12779613c867dc4b8683817ca2fb50c7 6cead37ba57a592b09aeedd9c1abd2a61c8226609eece2e5c930b28a9bbc4cd9 Loading...

	106.12.224.4/manage.bz2	625 B	2023-03-08	2023-03-12
Pretty URL 106.12.224.4/manage.bz2 IP 106.12.224.4 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-12 18:12:50 Times Seen1 Hash b7f8f97aa3bc175f0a58e3c0afb348fc 974d602c1a0fc4d726db210cb7a9bee2022ae450 74a9e27a027a9c55848e1750cb29921eb01dea42dc02abc9ba2bbfc37af9496f Loading...

	106.12.224.4/assets/monitor/insur-monitor-web.js	47 kB	2023-03-12	2023-03-13
Pretty URL 106.12.224.4/assets/monitor/insur-monitor-web.js IP 106.12.224.4 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-13 18:29:24 Times Seen1 Hash 8a86ca7c65c927262aafa4bcc6951b28 d1602ab8b26da957dffafdc55926858a5936e0cd eb3997c2f048ea22ba0dfe64465e07af9099610648900866f76949abf72760c6 Loading...

	baoxian.dxmstatic.com/assets/m/js/manifest.f10d032e.bundle.js	8.2 kB	2023-03-12	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/manifest.f10d032e.bundle.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-12 18:12:49 Times Seen1 Hash 0da387d78df464d9856e9a32496c42b8 270dcfadc9c71f809fad8644a8713ebe72af982e c0a73d0c56a0199e8070df9d5732cd03cbf3adb63bf87f0f78f6b4475493f8e6 Loading...

	baoxian.dxmstatic.com/assets/m/js/lodash.fd812dc4.chunk.js	71 kB	2023-03-08	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/lodash.fd812dc4.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-12 18:12:49 Times Seen1 Hash d8fae3dd9df6005c12cb9f91d3c6dcbc a38ce2a10f1720cd6e264f3b3c5ff2ed54597ebb 804a4f4d154ce95c8ed441cc191ce01d2b15f55af546ed40bc5f3c2a6dbeb2d6 Loading...

	baoxian.dxmstatic.com/assets/m/js/vant.9e3f21e2.chunk.js	168 kB	2023-03-08	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/vant.9e3f21e2.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-12 18:12:49 Times Seen1 Hash cc52b3e6701a5154769cc0b891f43da2 313e4bf063ddbe218fba73dcc99eb90e38e0c9ac 3486aa158b2b8f26e2603a78c1e588f140c7a06a805ff389d9aa3bdd34531da1 Loading...

	baoxian.dxmstatic.com/assets/m/js/app.41ba883a.chunk.js	407 kB	2023-03-12	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/app.41ba883a.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-12 18:12:49 Times Seen1 Hash b28fcbacf01d7f7f3ae9a6bc0be55cf1 5fa7b718e8f8dfaeec2d083cdc6878636474a167 5ac90606e6d06932dbcd383206d12b49581490053e0f71236cdb6a4be15ce1d0 Loading...

	hm.baidu.com/hm.js?d5ba068ce0bdbb86e2be209d513162f8	30 kB	2023-03-12	2023-03-12
Pretty URL hm.baidu.com/hm.js?d5ba068ce0bdbb86e2be209d513162f8 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:20:40 Last Seen2023-03-12 15:20:40 Times Seen1 Hash 371ab64ada526c18a58e9ecad75d3888 87fa1ddb689cfb0d8dbe88e234cd2d7e00b16ad8 4974babbb3c696e80ce07c2630990a19f917f1a9e8333e9103cae9f5d44ffccc Loading...

	baoxian.dxmstatic.com/assets/m/js/23.f041d1c9.chunk.js	54 kB	2023-03-12	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/23.f041d1c9.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-12 18:12:50 Times Seen1 Hash 01de5e2012ae22c51a58ea6f32f50e97 b9d97c56a0ef84f668755bb2d5872feb66ec38c0 3441ef4cf65db779f498b00e1acfc9264a1cccb043829f8b0292fd6931205de7 Loading...

HTTP Transactions (57)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3804
Expires: Thu, 05 Jan 2023 17:24:11 GMT
Date: Thu, 05 Jan 2023 16:20:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2819
Expires: Thu, 05 Jan 2023 17:07:46 GMT
Date: Thu, 05 Jan 2023 16:20:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3342
Expires: Thu, 05 Jan 2023 17:16:29 GMT
Date: Thu, 05 Jan 2023 16:20:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 15:47:53 GMT
content-type: application/json
age: 1974
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Uw/FZVZF2u+yuCOJ6fpgED7J2MyHKHce/6OE9RJL4UwmhfJFcCXbiAUvY0QunBeMMkidpjgfPLgcCbdcW6yHvQ==
x-amz-request-id: 1QB3VANNSJ3GZCEN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 16:01:47 GMT
age: 1140
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 16:20:47 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

106.12.224.4/manage.bz2

106.12.224.4

200 OK

2.2 kB

URL HTTP/1.1
106.12.224.4/manage.bz2
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2956)
Size
2.2 kB (2191 bytes)
Hash
b30e1476b62c512e99cde6359006399b
22d88ba86b765a9e73874d8d7fc7eeec7637c7d9
33f7ecce3ae14c66aac17f860944d9695e1baabb4aa2de080887250400116810

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /manage.bz2 HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Jan 2023 16:20:47 GMT
Etag: W/"63a912e2-12d6"
Last-Modified: Mon, 26 Dec 2022 03:20:02 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b; path=/; expires=Sat, 20-Dec-25 16:20:47 GMT
BAIDUID=F4AA8E5328969AAFD039771CAA361725:FG=1; expires=Fri, 05-Jan-24 16:20:47 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22477829162132122890010600
Vary: Accept-Encoding
Transfer-Encoding: chunked

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 15:33:38 GMT
age: 2830
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

106.12.224.4/insurweb/app/h5_app/point?spm=101.0.0.0&event_tag=AUTO_render-html-path/manage.bz2

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point?spm=101.0.0.0&event_tag=AUTO_render-html-path/manage.bz2
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /insurweb/app/h5_app/point?spm=101.0.0.0&event_tag=AUTO_render-html-path/manage.bz2 HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://106.12.224.4/manage.bz2
Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Thu, 05 Jan 2023 16:20:48 GMT
Location: https://106.12.224.4/p?spm=101.0.0.0&event_tag=AUTO_render-html-path/manage.bz2
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=73451966B863299E25B3D7DB269B558A:FG=1; expires=Fri, 05-Jan-24 16:20:48 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22482074672182585610010600
Transfer-Encoding: chunked

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
73a99621729e1bc9e236a1085b98a0cf
5e1f71493085f6be7788f59987c1f0850b77d4d7
219d1a8d7d1a027553f72c8c024488863d8996457b31c78014002f81174f3ad1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5215
Cache-Control: max-age=151976
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 16:20:48 GMT
Etag: "63b69329-1d7"
Expires: Sat, 07 Jan 2023 10:33:44 GMT
Last-Modified: Thu, 05 Jan 2023 09:06:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

106.12.224.4/assets/monitor/insur-monitor-web.js

106.12.224.4

200 OK

17 kB

URL HTTP/1.1
106.12.224.4/assets/monitor/insur-monitor-web.js
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (47119)
Size
17 kB (17257 bytes)
Hash
4d45f7ce1eef4ab1cb73b33a1026b656
1ea9cf9137c7eaea39e6516776bfbb162f316745
b1e09b472d198fa011e4411a38e1ad529b967e29e110df24e0964704378ec070

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/monitor/insur-monitor-web.js HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://106.12.224.4/manage.bz2
Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b

HTTP/1.1 200 OK
Cache-Control: max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Thu, 05 Jan 2023 16:20:48 GMT
Etag: W/"639ab991-b877"
Expires: Thu, 05 Jan 2023 16:30:48 GMT
Last-Modified: Thu, 15 Dec 2022 06:07:13 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=9168256C2333D78431C270ED8AD2E3CE:FG=1; expires=Fri, 05-Jan-24 16:20:48 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 22481930452182585610010600
Vary: Accept-Encoding
Transfer-Encoding: chunked

push.services.mozilla.com/

34.210.158.59

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.158.59:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 60LNqD0WTslKKLt9cx1IGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DZBMxxPzYhiHWEtZQb7CThDQdyk=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4448
Expires: Thu, 05 Jan 2023 17:34:58 GMT
Date: Thu, 05 Jan 2023 16:20:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4448
Expires: Thu, 05 Jan 2023 17:34:58 GMT
Date: Thu, 05 Jan 2023 16:20:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4448
Expires: Thu, 05 Jan 2023 17:34:58 GMT
Date: Thu, 05 Jan 2023 16:20:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4443
Expires: Thu, 05 Jan 2023 17:34:53 GMT
Date: Thu, 05 Jan 2023 16:20:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4443
Expires: Thu, 05 Jan 2023 17:34:53 GMT
Date: Thu, 05 Jan 2023 16:20:50 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f013561-93d6-474a-8f03-299013f0ba30.webp

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f013561-93d6-474a-8f03-299013f0ba30.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7367 bytes)
Hash
db1b2573cd90d9c94112bc677d90d8a7
52830fa620718a629970f4ca9df109ea1d979f2d
f869d532534d81fd1335a9182409f9f1dda1ec7e8dba6445bcd219aec5f5d1e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f013561-93d6-474a-8f03-299013f0ba30.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7367
x-amzn-requestid: 24c48b0b-7f01-4f67-b37e-8bc7ed792c36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGlAJEqsIAMFeIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b28200-0813561555102cf079fd916a;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 07:04:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 37GusA4sbXjkTta8RVbfbgH9DBDcURpydCozw6ZQmS5biBUxqPZEGQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 05:30:34 GMT
age: 39016
etag: "52830fa620718a629970f4ca9df109ea1d979f2d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8721 bytes)
Hash
4cecd6a1a228ac55f193a180229d3a33
9e5fd5a101828d5491305deb539dc5836c5b3065
7bbd9e261625c2d2a700a817c2f10b779c8463baacda02f9f34161c08487ca31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa32e61e5-fcf0-4825-a1bf-ea145dd3ae6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8721
x-amzn-requestid: 1c24289e-6169-4088-a2b8-311e3640e4bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eAA7IGTdIAMFzCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afe1e0-561d5981260c41511219c673;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 07:16:48 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: qoxCvnR2nVjlCdQJ6Wyq_Ot0p1SVdhl71LEKAm0-tkPMxWHGdIl42w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 07:08:44 GMT
age: 33126
etag: "9e5fd5a101828d5491305deb539dc5836c5b3065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11381 bytes)
Hash
7711a1490729319952a150b84e91a5d6
11fda31d48a4df3fd6346d92f45a680f500bff64
e9663e981c6716c243b58ac99549dfbe6dd8371c42d50add46457b5911f63529

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb16f641-0924-4c5c-9f83-6779c59c746a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11381
x-amzn-requestid: 6964d7af-01cd-425b-aeb9-89a336f83a25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePKyuGyJoAMF91Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5f1aa-62558f6852d5861033eecdef;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 21:37:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BQpaWc_3xnsf6SPx3UvVIfgBRURZkVYrXyKQi6Khv6_90Ao78BZDeg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 21:55:08 GMT
age: 66342
etag: "11fda31d48a4df3fd6346d92f45a680f500bff64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4248 bytes)
Hash
008614d302ad57bc6502ad5e07652378
968bc262d2939ec6f0dce9d852682c0aaf86d3d7
5eab9a2591f0f9761ba3b90a5a191b79b6326cccb1ee6b586b00dfc1517c8db6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F343434d9-f716-41aa-8934-1a5f79402aa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4248
x-amzn-requestid: 17ccfd69-0d12-42ac-b111-059a68735e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eCutmF7mIAMFW2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0f7f0-5e1653641a0303815656a578;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 03:03:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zxPQmFj8Y1QxN5CKzoPL9l_tBPeokp60xLh7nhRHTWjcdKreTPy01A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 07:08:59 GMT
age: 33111
etag: "968bc262d2939ec6f0dce9d852682c0aaf86d3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5601 bytes)
Hash
5ce88a04d7f32ce0497bd84db44da8d4
761049019c342553004815ea394dcf282f2cc613
038aa4e5da1428524de833071814998d6c1d8b8b60d4e9c10e60d8a75f7b88fb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F038e46b4-c5e2-4f46-817c-434795e1e545.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5601
x-amzn-requestid: 54813ea9-9435-4355-910b-5b4d1eadf2ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGlhgHU1oAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b282d6-17e772ae5b70371367792063;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 07:08:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hB4FJa_z49ZYA_EY_5CH9CVlU2tYkrhayxyWMmR8lNxR10rjfff-MQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 06:33:38 GMT
age: 35232
etag: "761049019c342553004815ea394dcf282f2cc613"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5578 bytes)
Hash
e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DqWBkBqUffF-tNXmSr2AzrL7hMr0RufOsND4zDF26f8A4c1tetxnWg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 03:41:11 GMT
age: 45579
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.dcocsp.cn/

47.246.44.229

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
d2caabd33030c6dd96b961ca4439dae9
4c7596aa633039b74d9d26abe9930b2f9c3dc83d
0142366c6e90aacb68afe1e7c58a38f408d592d01fa25eaf71423e1fc17ca223

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 16:20:50 GMT
Ali-Swift-Global-Savetime: 1672935650
Via: cache14.l2de2[194,194,200-0,M], cache14.l2de2[196,0], cache1.se1[217,216,200-0,M], cache1.se1[218,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 05 Jan 2023 16:20:50 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9516729356499195999e

ocsp.dcocsp.cn/

47.246.44.229

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e10dd58c3812327fb0b0879deb6337bd
343ec34d2bdb5cf9355aff58e254f721270c19d5
945f42ef1176235b35b6443d30540d33691dc3463af50066cf04fcd4fabcbfd9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 16:20:51 GMT
Ali-Swift-Global-Savetime: 1672935651
Via: cache21.l2de2[51,35,200-0,C], cache25.l2de2[36,0], cache3.se1[57,56,200-0,M], cache3.se1[58,0]
Age: 0
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 05 Jan 2023 16:20:51 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9716729356511308123e

ocsp.dcocsp.cn/

47.246.44.229

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e10dd58c3812327fb0b0879deb6337bd
343ec34d2bdb5cf9355aff58e254f721270c19d5
945f42ef1176235b35b6443d30540d33691dc3463af50066cf04fcd4fabcbfd9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 16:20:51 GMT
Ali-Swift-Global-Savetime: 1672935651
Via: cache21.l2de2[51,35,200-0,C], cache25.l2de2[36,0], cache3.se1[57,54,200-0,C], cache3.se1[56,0]
Age: 0
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Thu, 05 Jan 2023 16:20:51 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9716729356511328128e

ocsp.dcocsp.cn/

47.246.44.229

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e10dd58c3812327fb0b0879deb6337bd
343ec34d2bdb5cf9355aff58e254f721270c19d5
945f42ef1176235b35b6443d30540d33691dc3463af50066cf04fcd4fabcbfd9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 16:20:51 GMT
Ali-Swift-Global-Savetime: 1672935651
Via: cache21.l2de2[51,51,200-0,M], cache20.l2de2[52,0], cache1.se1[73,73,200-0,M], cache1.se1[74,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 05 Jan 2023 16:20:51 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9516729356511157079e

ocsp.dcocsp.cn/

47.246.44.229

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e10dd58c3812327fb0b0879deb6337bd
343ec34d2bdb5cf9355aff58e254f721270c19d5
945f42ef1176235b35b6443d30540d33691dc3463af50066cf04fcd4fabcbfd9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 16:20:51 GMT
Ali-Swift-Global-Savetime: 1672935651
Via: cache21.l2de2[51,38,200-0,C], cache4.l2de2[39,0], cache8.se1[62,61,200-0,M], cache8.se1[63,0]
Age: 0
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 05 Jan 2023 16:20:51 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9c16729356511323161e

ocsp.dcocsp.cn/

47.246.44.229

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
e10dd58c3812327fb0b0879deb6337bd
343ec34d2bdb5cf9355aff58e254f721270c19d5
945f42ef1176235b35b6443d30540d33691dc3463af50066cf04fcd4fabcbfd9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 16:20:51 GMT
Ali-Swift-Global-Savetime: 1672935651
Via: cache21.l2de2[51,36,200-0,C], cache17.l2de2[36,0], cache4.se1[57,57,200-0,M], cache4.se1[59,0]
Age: 0
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 05 Jan 2023 16:20:51 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9816729356511333991e

baoxian.dxmstatic.com/assets/m/js/manifest.f10d032e.bundle.js

185.10.104.115

200 OK

4.4 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/manifest.f10d032e.bundle.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (8214), with no line terminators
Size
4.4 kB (4420 bytes)
Hash
f4624946a2b1c4636b3e97bc6884cf27
fd616233fee2ee14b467a98cfb85984b36220e60
d748cda277e71a32bac73ca669c1b6f57e80169a99a6f750f8612e5c57ae9df0

HTTP Headers

GET /assets/m/js/manifest.f10d032e.bundle.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:51 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 03:20:02 GMT
ETag: "63a912e2-2016"
Content-Encoding: br
Age: 714093
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 45834610921873941770122815
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 07:59:43 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache51 [2], suzix51 [2]
Ohc-File-Size: 4420
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/lodash.fd812dc4.chunk.js

185.10.104.115

200 OK

26 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/lodash.fd812dc4.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (64902)
Size
26 kB (25901 bytes)
Hash
8f37e76d73e400a5002a26aad1fbc56f
c34c05894d1fcaf94783b44071f12fcd58b1186d
714ab1393e5e54ab14a1cddf93c25dcd575002cf819132669b226a253b27668f

HTTP Headers

GET /assets/m/js/lodash.fd812dc4.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:51 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-1162a"
Content-Encoding: gzip
Age: 1281180
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 44948371044289795338112110
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 02:58:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache51 [4], czix212 [2]
Ohc-File-Size: 25901
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/vant.9e3f21e2.chunk.js

185.10.104.115

200 OK

43 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/vant.9e3f21e2.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (65160), with no line terminators
Size
43 kB (42832 bytes)
Hash
6aa27708c2a32cfba5bac7808305bfaa
fb0b2541ba07eb367b61a507a0ba94a49fbdac9f
e69faf10ac43344700355bf3f0454e4b04ca6e546868f71f4c956d35937a9c04

HTTP Headers

GET /assets/m/js/vant.9e3f21e2.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:51 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-28e8d"
Content-Encoding: gzip
Age: 1281180
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 44947801350313660682112110
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 02:58:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache53 [4], bdix88 [2]
Ohc-File-Size: 42832
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/vue.89a1f894.chunk.js

185.10.104.115

200 OK

56 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/vue.89a1f894.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (28998)
Size
56 kB (56049 bytes)
Hash
3b306cd23122eb841abb5b7cf150614c
1e631b28be51ed2696d394c9818fa34b2f3b665c
9f57fbc4abf25ae663bfddc21b317741a9e634fbdd9b94fe1f215e74de3217a9

HTTP Headers

GET /assets/m/js/vue.89a1f894.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:51 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-255bc"
Content-Encoding: gzip
Age: 1281180
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 44948509141873941770112110
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 02:58:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache63 [4], suzix89 [2]
Ohc-File-Size: 56049
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/jquery.b9ec3c55.chunk.js

185.10.104.115

200 OK

32 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/jquery.b9ec3c55.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (61316)
Size
32 kB (32123 bytes)
Hash
4e6c116dc4f32dda92e9a219ef1597a4
257085a4fe8a0669b8bc3bcb2cb54b5bdf5515c4
6175190eff5422e26d186ab8ae13bc938f8982ce07df0c28128a789d15f9a5d8

HTTP Headers

GET /assets/m/js/jquery.b9ec3c55.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:51 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-15a96"
Content-Encoding: gzip
Age: 1281180
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 44947898812132122890112110
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 02:58:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache51 [4], bdix72 [2]
Ohc-File-Size: 32123
X-Cache-Status: HIT

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 561
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/manage.bz2
Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b; LOG_SESSION_ID=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Thu, 05 Jan 2023 16:20:52 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=A1724CDBD9E6B62FB5DF3AA2DB11F639:FG=1; expires=Fri, 05-Jan-24 16:20:52 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22521802552182585610010600
Transfer-Encoding: chunked

baoxian.dxmstatic.com/assets/cms/static/img/favicon.ico?20200521

185.10.104.115

200 OK

676 B

URL HTTP/1.1
baoxian.dxmstatic.com/assets/cms/static/img/favicon.ico?20200521
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
676 B (676 bytes)
Hash
1a95f4b4edae0d313b02e0febf110ce3
0126a9db6c633c15689ae2ffcac303d5af3e342a
18035abf6f4af2cf478826d22ec2ceddbd6e976d18c479ae9e019dc732f74060

HTTP Headers

GET /assets/cms/static/img/favicon.ico?20200521 HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:52 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 08 Dec 2022 20:29:21 GMT
Last-Modified: Wed, 20 May 2020 07:19:06 GMT
ETag: "5ec4d9ea-10be"
Cache-Control: max-age=600
Content-Encoding: br
Age: 2399155
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Tracecode: 14394048352132122890121702
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 08 Dec 2022 20:19:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache59 [1], suzix59 [1]
Ohc-File-Size: 4286
X-Cache-Status: HIT

ocsp.globalsign.com/gsrsaovsslca2018

151.101.130.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
7707d01f9bdc43a26f1c236afb468aae
bd84383a32e704eb428efb7cfeb438f27e28a7c5
dc37fc3ff25e200ff5a28e01e49bf7a7f0efa1c82e130c0b8a2727e3abe318ca

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 09 Jan 2023 13:52:42 GMT
ETag: "bd84383a32e704eb428efb7cfeb438f27e28a7c5"
Last-Modified: Thu, 05 Jan 2023 13:52:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 05 Jan 2023 16:20:53 GMT
Age: 1687
X-Served-By: cache-qpg1274-QPG, cache-bma1652-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 22, 2
X-Timer: S1672935653.013285,VS0,VE0

hm.baidu.com/hm.js?d5ba068ce0bdbb86e2be209d513162f8

103.235.46.191

200 OK

12 kB

URL HTTP/1.1
hm.baidu.com/hm.js?d5ba068ce0bdbb86e2be209d513162f8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (1016)
Size
12 kB (11654 bytes)
Hash
0c3ddddd01f03b89d2b940c20e05d453
ff5fdc06e1d128c7be224df4f49b5856d3b7d222
31ffb0320205b5488f86bde4159eb276d3b335f7bce949f53f5462c5364290f0

HTTP Headers

GET /hm.js?d5ba068ce0bdbb86e2be209d513162f8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11654
Content-Type: application/javascript
Date: Thu, 05 Jan 2023 16:20:53 GMT
Etag: 363c75e41dae83978b5069e6e92508cc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=16F40B6F7C8D57F0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

baoxian.dxmstatic.com/assets/m/js/23.f041d1c9.chunk.js

185.10.104.115

200 OK

13 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/23.f041d1c9.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (47805)
Size
13 kB (12799 bytes)
Hash
4378eb5739383c62f720d5918db0c48a
f7429405af758560c520d40a64c2f79a3531ac17
59728a19af5cd7cf3601eb5c78bb31b7db3d4d40b942275b474f40937b942170

HTTP Headers

GET /assets/m/js/23.f041d1c9.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:54 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 03:20:01 GMT
ETag: "63a912e1-d18e"
Content-Encoding: br
Age: 687185
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 22294270004289795338122816
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 08:20:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache50 [1], xiangyix120 [2]
Ohc-File-Size: 12799
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/1.146819cd.chunk.js

185.10.104.115

200 OK

37 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/1.146819cd.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
37 kB (36795 bytes)
Hash
33e15ea983db12a1c26a100b1de755ed
3c87e3abde4797b5bc202f413aabd39b8dea8a57
d86cf9aa7c77c7ad894745fd7077430a4aa5bc8769bb48e10e01d5598aa730d1

HTTP Headers

GET /assets/m/js/1.146819cd.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:54 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-21556"
Content-Encoding: gzip
Age: 1084157
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 16842363542182585610120814
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 08 Dec 2022 06:11:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache64 [4], czix203 [2]
Ohc-File-Size: 36795
X-Cache-Status: HIT

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=335722487&si=d5ba068ce0bdbb86e2be209d513162f8&v=1.3.0&lv=1&sn=23699&r=0&ww=1280&u=http%3A%2F%2F106.12.224.4%2Fmanage.bz2&tt=%E5%BA%A6%E5%B0%8F%E6%BB%A1%E4%BF%9D%E9%99%A9%E7%BB%8F%E7%BA%AA

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=335722487&si=d5ba068ce0bdbb86e2be209d513162f8&v=1.3.0&lv=1&sn=23699&r=0&ww=1280&u=http%3A%2F%2F106.12.224.4%2Fmanage.bz2&tt=%E5%BA%A6%E5%B0%8F%E6%BB%A1%E4%BF%9D%E9%99%A9%E7%BB%8F%E7%BA%AA
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=335722487&si=d5ba068ce0bdbb86e2be209d513162f8&v=1.3.0&lv=1&sn=23699&r=0&ww=1280&u=http%3A%2F%2F106.12.224.4%2Fmanage.bz2&tt=%E5%BA%A6%E5%B0%8F%E6%BB%A1%E4%BF%9D%E9%99%A9%E7%BB%8F%E7%BA%AA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 05 Jan 2023 16:20:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=368ABC7F73767302; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

baoxian.dxmstatic.com/assets/cms/static/img/1-0/logo-dxm-2.png?20210429

185.10.104.115

200 OK

22 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/cms/static/img/1-0/logo-dxm-2.png?20210429
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
PNG image data, 670 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22400 bytes)
Hash
55f2683a9fe39fab38d57e9304f55b45
ca2b3d8bb7a1be27c5ad6fa52ff9801a64112ec6
c333cafcf47120cdcbd13cfb749cfb4adaa42040a488326b929923d19ad9d3e9

HTTP Headers

GET /assets/cms/static/img/1-0/logo-dxm-2.png?20210429 HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Dec 2022 07:26:20 GMT
Last-Modified: Thu, 29 Apr 2021 09:57:11 GMT
ETag: "608a82f7-5780"
Cache-Control: max-age=600
Age: 755344
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Tracecode: 39196922262769722634053012
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 07:16:20 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache55 [4], qdix133 [4]
Ohc-File-Size: 22400
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-product.png

185.10.104.115

200 OK

1.8 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-product.png
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
PNG image data, 66 x 66, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1811 bytes)
Hash
920d21a770f3802c8d8aa62437c6fce0
ac3379973b749ed7216f1a83eff6779ef3b1b04c
d826f3ca72978439308bfb4f4a4a8c3ca80df5ece2a31b56adb904d4e798a645

HTTP Headers

GET /assets/cms/static/img/1-0/tab-product.png HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 29 Dec 2022 10:06:20 GMT
Last-Modified: Mon, 16 Mar 2020 08:00:50 GMT
ETag: "5e6f3232-713"
Cache-Control: max-age=600
Age: 590528
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Tracecode: 41455181672132122890020216
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 29 Dec 2022 09:56:19 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache65 [2], xaix226 [4]
Ohc-File-Size: 1811
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-mypolicy.png

185.10.104.115

200 OK

1.4 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-mypolicy.png
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
PNG image data, 66 x 66, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1428 bytes)
Hash
88b9b755ba8942b0e9da4555beb9906e
3cb193d70c7d42d36de024a55523db13576b2c90
6819c1a4bb4e669ea1c535f41a9fdc755c87c76a35fbeda9232ef483b1e533ec

HTTP Headers

GET /assets/cms/static/img/1-0/tab-mypolicy.png HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:54 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Dec 2022 12:15:56 GMT
Last-Modified: Mon, 16 Mar 2020 08:00:53 GMT
ETag: "5e6f3235-594"
Cache-Control: max-age=600
Age: 862788
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Tracecode: 19267331790313660682052519
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 12:05:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache60 [4], czix122 [4]
Ohc-File-Size: 1428
X-Cache-Status: HIT

ocsp.dcocsp.cn/

47.246.44.229

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.229:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
028eabe177a86f02ff094a0f33073c45
e10d3455d8e2202d9dfa86b6360978e3f5716ba3
6ebbdbd9cf1f8c4e2b335f9c6285cef632360c1832ec6f249e5d0bd61b588cb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Thu, 05 Jan 2023 16:16:11 GMT
Last-Modified: Thu, 05 Jan 2023 05:55:12 GMT
ETag: "63b66640-1d7"
Expires: Sat, 07 Jan 2023 05:55:12 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1672935371
Via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[0,0], cache3.se1[22,22,200-0,M], cache3.se1[24,0]
Age: 283
X-Cache: MISS TCP_REFRESH_MISS dirn:1:106200256
X-Swift-SaveTime: Thu, 05 Jan 2023 16:20:54 GMT
X-Swift-CacheTime: 3317
Timing-Allow-Origin: *
EagleId: 2ff62c9716729356543502888e

baoxian.dxmstatic.com/assets/m/js/app.41ba883a.chunk.js

185.10.104.115

200 OK

4.2 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/app.41ba883a.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
data
Size
4.2 kB (4247 bytes)
Hash
e8e150de175c06b591b6ddae7872c7db
4118ab1f65c76bb377d7e8d7792e276fcd3ab9bf
cda54809257ec181f6cac8b6ad4fec2d59a903d7d02736fa138499beb4c3f5f8

HTTP Headers

GET /assets/m/js/app.41ba883a.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 05 Jan 2023 16:20:51 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 03:20:02 GMT
ETag: "63a912e2-63650"
Content-Encoding: br
Age: 714093
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 45834911332182585610122815
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 07:59:43 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache57 [2], xaix149 [2]
Ohc-File-Size: 116037
X-Cache-Status: HIT

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 723
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b; LOG_SESSION_ID=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776; Hm_lvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644; Hm_lpvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Thu, 05 Jan 2023 16:20:54 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=FF4CAD48D84774ABE88E9B067E244D1A:FG=1; expires=Fri, 05-Jan-24 16:20:54 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22543657382132122890010600
Transfer-Encoding: chunked

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 682
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b; LOG_SESSION_ID=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776; Hm_lvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644; Hm_lpvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Thu, 05 Jan 2023 16:20:54 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=0E093F7742C9D9AB0F8DE547EF97EB28:FG=1; expires=Fri, 05-Jan-24 16:20:54 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22546325562769722634010600
Transfer-Encoding: chunked

passport.duxiaoman.com/v3/login/api/authopenbduss/?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935641781

106.12.226.216

301 Moved Permanently

307 B

URL HTTP/1.1
passport.duxiaoman.com/v3/login/api/authopenbduss/?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935641781
IP
106.12.226.216:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document, ASCII text, with very long lines (305)
Size
307 B (307 bytes)
Hash
3a9756ae4bb3948474afc95c3b76d421
ededa1797aa09255abdeaf359c2dc3370d5db6a7
492762c22710364a20cbba410c27554ee91e56453cdad3c32d9e9bafe9d60c21

HTTP Headers

GET /v3/login/api/authopenbduss/?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935641781 HTTP/1.1
Host: passport.duxiaoman.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Content-Type,x-baidu-ie,x-pay-fe
Access-Control-Allow-Methods: POST, GET, OPTIONS
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Jan 2023 16:20:54 GMT
Location: /v3/login/api/authopenbduss?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935641781
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: AB_EXPERIMENT=%7B%22PC_SESSION_COOKIE_SWITCH%22%3A%22ON%22%2C%22group_cloud_smallflow%22%3A%22%22%2C%22ORDER_SIX_MONTH_CHECK%22%3A%22ON%22%2C%22group_smallflow%22%3A%22%22%2C%22CHROME80_SET_COOKIE%22%3A%22ON%22%2C%22group_smallflow_uri%22%3A%22%22%2C%22rccGetChannelInfoSink%22%3A%22ON%22%7D; path=/; httponly; max-age=60
BAIDUID=C2FE43D3CBC006AC2C1B5ACB36AF9F85:FG=1; expires=Fri, 05-Jan-24 16:20:54 GMT; max-age=31536000; path=/; domain=.dxmpay.com; version=1
Tracecode: 22547815062803145994010600
X-Bfb-Rt: 0.002
Transfer-Encoding: chunked

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 779
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b; LOG_SESSION_ID=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776; Hm_lvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644; Hm_lpvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Thu, 05 Jan 2023 16:20:54 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=FF4CAD48D84774AB5BF7D3A91E9AF251:FG=1; expires=Fri, 05-Jan-24 16:20:54 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22549349572132122890010600
Transfer-Encoding: chunked

106.12.226.216

301 Moved Permanently

307 B

URL HTTP/1.1
passport.duxiaoman.com/v3/login/api/authopenbduss/?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935643897
IP
106.12.226.216:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document, ASCII text, with very long lines (305)
Size
307 B (307 bytes)
Hash
8c72b57b221d1092801ff16d346361ff
f31e8ee5b13af47db1bc6cce61cda799f559beb4
bf6d695625c7534596409a989c408b5b27d85cea3e7c8e5cf661704179aeea21

HTTP Headers

GET /v3/login/api/authopenbduss/?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935643897 HTTP/1.1
Host: passport.duxiaoman.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Content-Type,x-baidu-ie,x-pay-fe
Access-Control-Allow-Methods: POST, GET, OPTIONS
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Jan 2023 16:20:54 GMT
Location: /v3/login/api/authopenbduss?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935643897
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: AB_EXPERIMENT=%7B%22PC_SESSION_COOKIE_SWITCH%22%3A%22ON%22%2C%22group_cloud_smallflow%22%3A%22%22%2C%22ORDER_SIX_MONTH_CHECK%22%3A%22ON%22%2C%22group_smallflow%22%3A%22%22%2C%22CHROME80_SET_COOKIE%22%3A%22ON%22%2C%22group_smallflow_uri%22%3A%22%22%2C%22rccGetChannelInfoSink%22%3A%22ON%22%7D; path=/; httponly; max-age=60
BAIDUID=F9CC1FF1A7EA28870CB11736E9AAC2F4:FG=1; expires=Fri, 05-Jan-24 16:20:54 GMT; max-age=31536000; path=/; domain=.dxmpay.com; version=1
Tracecode: 22549965862786368778010600
X-Bfb-Rt: 0.002
Transfer-Encoding: chunked

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 531
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b; LOG_SESSION_ID=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776; Hm_lvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644; Hm_lpvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Thu, 05 Jan 2023 16:20:55 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=C69C51473601CCF030EDE668A370DA3B:FG=1; expires=Fri, 05-Jan-24 16:20:55 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22550581962132122890010600
Transfer-Encoding: chunked

passport.duxiaoman.com/v3/login/api/authopenbduss?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935641781

106.12.226.216

302 Found

353 B

URL HTTP/1.1
passport.duxiaoman.com/v3/login/api/authopenbduss?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935641781
IP
106.12.226.216:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JSON data\012- , ASCII text, with very long lines (353), with no line terminators
Size
353 B (353 bytes)
Hash
9b0a48562e22dbfad96cffd6c25dd43b
52b256b78e2063d47317f8c549a0989b9bd184a9
dfeb738216ae7f16c266cd88ad9200550179562a07530030893ebf54ed43d2f6

HTTP Headers

GET /v3/login/api/authopenbduss?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935641781 HTTP/1.1
Host: passport.duxiaoman.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://106.12.224.4/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Content-Type,x-baidu-ie,x-pay-fe
Access-Control-Allow-Methods: POST, GET, OPTIONS
Cache-Control: no-cache
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Date: Thu, 05 Jan 2023 16:20:55 GMT
Expires: Fri, 30 Oct 1998 14:19:41 GMT
Location: https://wappass.baidu.com/v3/login/api/authopenbduss?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935641781
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: AB_EXPERIMENT=%7B%22PC_SESSION_COOKIE_SWITCH%22%3A%22ON%22%2C%22group_cloud_smallflow%22%3A%22%22%2C%22ORDER_SIX_MONTH_CHECK%22%3A%22ON%22%2C%22group_smallflow%22%3A%22%22%2C%22CHROME80_SET_COOKIE%22%3A%22ON%22%2C%22group_smallflow_uri%22%3A%22%22%2C%22rccGetChannelInfoSink%22%3A%22ON%22%7D; path=/; httponly; max-age=60
BAIDUID=4E350CFFD8CA5E24578B45386898E78B:FG=1; expires=Fri, 05-Jan-24 16:20:55 GMT; max-age=31536000; path=/; domain=.dxmpay.com; version=1
Tracecode: 22550793042786368778010600
X-Bfb-Rt: 0.004
Transfer-Encoding: chunked

106.12.226.216

302 Found

353 B

URL HTTP/1.1
passport.duxiaoman.com/v3/login/api/authopenbduss?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935643897
IP
106.12.226.216:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JSON data\012- , ASCII text, with very long lines (353), with no line terminators
Size
353 B (353 bytes)
Hash
e3d5a64b8cafd84d4b82b92f932e010a
62ed72c456439e2002440993ba35b3a2ec9aa809
302f5b29da0cabdbc7f0f893faad69291e6bf91949a710b30706cd5855c0bb72

HTTP Headers

GET /v3/login/api/authopenbduss?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935643897 HTTP/1.1
Host: passport.duxiaoman.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://106.12.224.4/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Content-Type,x-baidu-ie,x-pay-fe
Access-Control-Allow-Methods: POST, GET, OPTIONS
Cache-Control: no-cache
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Date: Thu, 05 Jan 2023 16:20:55 GMT
Expires: Fri, 30 Oct 1998 14:19:41 GMT
Location: https://wappass.baidu.com/v3/login/api/authopenbduss?client_id=fHUnn02XwCrywmmdUtCdK6eC&return_type=3&tpl=licaient&u=http%3A%2F%2F106.12.224.4%2Finsurface%2Fapi%2F0%2Fsync_login%2F0%3Ftimer%3D%26sessionId%3D6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776%26timestamp%3D1672935643897
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: AB_EXPERIMENT=%7B%22PC_SESSION_COOKIE_SWITCH%22%3A%22ON%22%2C%22group_cloud_smallflow%22%3A%22%22%2C%22ORDER_SIX_MONTH_CHECK%22%3A%22ON%22%2C%22group_smallflow%22%3A%22%22%2C%22CHROME80_SET_COOKIE%22%3A%22ON%22%2C%22group_smallflow_uri%22%3A%22%22%2C%22rccGetChannelInfoSink%22%3A%22ON%22%7D; path=/; httponly; max-age=60
BAIDUID=C65FDA70E986491AD50D94407C280FBF:FG=1; expires=Fri, 05-Jan-24 16:20:55 GMT; max-age=31536000; path=/; domain=.dxmpay.com; version=1
Tracecode: 22552857812736037130010600
X-Bfb-Rt: 0.004
Transfer-Encoding: chunked

106.12.224.4/juhe/insurface/item/homepage?errTimes=0&from=4&channelId=&sourceChannel=&sessionId=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776&syncStokenTime=0&timestamp=27882260&type=1

106.12.224.4

200 OK

15 kB

URL HTTP/1.1
106.12.224.4/juhe/insurface/item/homepage?errTimes=0&from=4&channelId=&sourceChannel=&sessionId=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776&syncStokenTime=0&timestamp=27882260&type=1
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (57470), with no line terminators
Size
15 kB (14737 bytes)
Hash
973f68e6e0af124693f8aa97ed6b9a9a
7b9337bb94d01d6cc82c17f921d732db14063c7f
516aaaf9bcb2a8df158bc6f0bf94ff0898d8b815337eab4f5ed4c3c58b9d1137

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /juhe/insurface/item/homepage?errTimes=0&from=4&channelId=&sourceChannel=&sessionId=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776&syncStokenTime=0&timestamp=27882260&type=1 HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b; LOG_SESSION_ID=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776; Hm_lvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644; Hm_lpvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: application/json;charset=UTF-8
Date: Thu, 05 Jan 2023 16:20:55 GMT
Expires: 0
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Pragma: no-cache
Server: Apache
Set-Cookie: BAIDUID=EFB579B6DBFFB27BC81763F8922F2146:FG=1; expires=Fri, 05-Jan-24 16:20:55 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 12546536092248509962010600, 22551800132182585610010600
Vary: Accept-Encoding, Accept-Encoding
X-Application-Context: insuraggre:8680
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 822
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID667c3ee6-0cce-46e5-84c3-14fbdab9187b; LOG_SESSION_ID=6ebb60eb-a874-4a6d-b74e-2a0595ef23c9-1672935641776; Hm_lvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644; Hm_lpvt_d5ba068ce0bdbb86e2be209d513162f8=1672935644

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Thu, 05 Jan 2023 16:20:55 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=C69C51473601CCF0A3F659268D7F80C6:FG=1; expires=Fri, 05-Jan-24 16:20:55 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22556892912769722634010600
Transfer-Encoding: chunked

w1.dxmstatic.com/static/xstatic2/todotask/todotask.1.6.js?r=2021110213

58.254.180.65

200 OK

0 B

URL HTTP/2
w1.dxmstatic.com/static/xstatic2/todotask/todotask.1.6.js?r=2021110213
IP
58.254.180.65:0
ASN
#136958 China Unicom Guangdong IP network

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/xstatic2/todotask/todotask.1.6.js?r=2021110213 HTTP/1.1
Host: w1.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 05 Jan 2023 16:20:51 GMT
content-type: application/x-javascript
expires: Wed, 21 Dec 2022 14:02:17 GMT
last-modified: Thu, 17 Mar 2022 04:51:19 GMT
cache-control: public,max-age=1800
content-encoding: gzip
age: 1304691
accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,x-baidu-ie
access-control-allow-methods: POST, GET, OPTIONS
tracecode: 04470980953205537034062117
vary: Accept-Encoding
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 13:32:17 GMT
ohc-cache-hit: gz3un63 [4], jnuncache63 [2], wzix63 [4]
ohc-file-size: 16632
x-cache-status: HIT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations