Report - www.cpa12345.com/555

Report Overview

Submitted URL
www.cpa12345.com/555
IP
156.232.149.162
ASN
#134548 DXTL Tseung Kwan O Service
Submitted
2023-03-07 13:24:01
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-24T18:14:23Z	782 B	2.4 kB	35.241.9.150
www.cpa12345.com	unknown			1.2 kB	3.7 kB	156.232.149.162
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-25T05:09:35Z	359 B	1.9 kB	104.18.21.226
8499165.com	unknown	2022-10-27T07:16:30Z	2023-03-25T05:12:09Z	382 B	479 kB	172.247.50.244
688aaa.us	unknown	2023-02-19T09:47:00Z	2023-03-24T10:20:27Z	395 B	746 kB	103.170.15.94
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-24T18:17:07Z	606 B	127 B	54.149.229.221
dvcasha2.ocsp-certum.com	71753	2014-11-27T09:04:42Z	2023-03-25T05:11:26Z	348 B	1.9 kB	95.101.10.107
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-25T03:31:21Z	340 B	963 B	104.18.32.68
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T05:09:02Z	3.0 kB	8.0 kB	23.36.76.226
cjg67.com	unknown			5.6 kB	239 kB	122.10.10.41
595tuchuang.com	unknown	2022-12-21T13:40:45Z	2023-03-25T05:11:25Z	375 B	145 kB	23.224.27.252
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-25T05:47:10Z	680 B	273 B	180.101.212.103
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-25T05:10:04Z	348 B	1.2 kB	104.18.32.68
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-24T18:20:20Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-25T05:09:25Z	333 B	391 B	34.117.237.239
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-25T05:49:06Z	286 B	750 B	180.101.212.103
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-24T16:33:49Z	2.7 kB	40 kB	34.120.237.76
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-25T05:10:23Z	2.0 kB	24 kB	103.235.46.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-07 13:23:54	low	172.247.50.244	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-03-07 13:23:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-07 13:23:59	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-07	medium	www.cpa12345.com/555	Malware
2023-03-07	medium	www.cpa12345.com/common.js	Malware
2023-03-07	medium	www.cpa12345.com/tj.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	cjg67.com/	634 B	2023-03-07	2023-03-26
Pretty URL cjg67.com/ IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:21 Last Seen2023-03-26 08:55:23 Times Seen3 Hash 5fa457584c54133654c5e2c1477fdf9c c6066362d7688a2ea5228fccbfe2d6bb1596bcb2 93db09d5f9823c3bcdef3ca869d7d2a74449d6f9298e353766c3d39bfb001608 Loading...

	cjg67.com/static/plugins/jquery-validation/dist/jquery.validate.min.js	23 kB	2023-03-07	2024-04-25
Pretty URL cjg67.com/static/plugins/jquery-validation/dist/jquery.validate.min.js IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2024-04-25 10:11:23 Times Seen989 Hash 93c1dd8416ac2af1850652d5b620a142 6a76e4c7db479053350580469aa010febfdcacd0 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50 Loading...

	cjg67.com/static/js/jquery.metadata.js	4.1 kB	2023-03-07	2024-01-06
Pretty URL cjg67.com/static/js/jquery.metadata.js IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:21 Last Seen2024-01-06 23:00:37 Times Seen38 Hash 68aafcfe9aa1ab7d83a6ce8df302155e 0e940c157078d0cb2a746b88ad339a2e2bf736f5 f5bf35ec31a628e648ebeaa60f93f5a282838a9a0d37389df247392016a86164 Loading...

	cjg67.com/	772 B	2023-03-14	2023-03-25
Pretty URL cjg67.com/ IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 18:59:19 Last Seen2023-03-25 22:40:35 Times Seen2 Hash 1ddf75e7ca2cf86467e545a6c8bf041f b22b9ee2979adbd42a8980495ac8e2c170304f38 88d91d845eaea1e0882fcd8b593054a96ff8daecfba035bce9dedb90c540aede Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-25
Pretty URL push.zhanzhang.baidu.com/push.js IP 180.101.212.103 ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 10:56:53 Times Seen18996 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	cjg67.com/static/js/jquery-1.10.2.min.js	93 kB	2023-03-07	2024-04-25
Pretty URL cjg67.com/static/js/jquery-1.10.2.min.js IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 10:13:24 Times Seen10151 Hash 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Loading...

	cjg67.com/	772 B	2023-03-07	2023-03-25
Pretty URL cjg67.com/ IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:21 Last Seen2023-03-25 22:40:35 Times Seen2 Hash 189da80d2ea2a072bf1058d8c87cde13 fd532dbb5a6ee052d95bead740e7d7fded7e50d8 49ed301a7f84aa8a2fbda1cef05669097412cf753f013a2188efb3227a10f33b Loading...

	hm.baidu.com/hm.js?394d0ec1fdd0117524d5d73bc05d51e2	30 kB	2023-03-25	2023-03-25
Pretty URL hm.baidu.com/hm.js?394d0ec1fdd0117524d5d73bc05d51e2 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash 2e6081641dbdbd3dbdc62876c4ce58a2 f9eb6e196fadf8e7b2cca8a8fc27cf602d21e5bb ee4452034a3a9d5f31044fdf9f712e606b29746a096c25e36f33b10b2bcc369e Loading...

	www.cpa12345.com/555	34 B	2023-03-25	2023-03-25
Pretty URL www.cpa12345.com/555 IP 156.232.149.162 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash 09ff4a3a47ca7a6c92efe1932d7c6364 a2fbec5c7fc870f0bed1c1d26283fbfa32b01088 67336768c65e61dffaf69d97a12696c2eb36b061d63a25318bb46574f5c8c654 Loading...

	www.cpa12345.com/tj.js	258 B	2023-03-25	2023-03-25
Pretty URL www.cpa12345.com/tj.js IP 156.232.149.162 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash 5c3d833c0a741091dcd422c040fd9ece 12caebd03480262c66846b1287f39c891366b3d2 fce25848218876cfd0135c4aff85d156bcbadedbe608af6575c1aca9097dd76c Loading...

	cjg67.com/	254 B	2023-03-25	2023-03-25
Pretty URL cjg67.com/ IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash e30b2a887240dffb5e315c56589a7b80 a6b2d84724e25337aced36ea36f6804debd6ed89 a4855a300aaf59b7ea11b37e78ab794322cd7a4f9b737d846f079bce03a3e0b5 Loading...

	cjg67.com/static/js/sockjs.min.js	59 kB	2023-03-07	2023-10-14
Pretty URL cjg67.com/static/js/sockjs.min.js IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:21 Last Seen2023-10-14 05:15:25 Times Seen5 Hash d32de8ccf2c98ee815680e51bd57ab45 0abf085039a7e5f6835fe94ce2a65ae8f1b472fb a2d021086e4b562368ae6cdd37940962a3c9a60983ebbb998e708c7456df04f5 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 11:30:16 Times Seen37062471 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cjg67.com/static/plugins/jquery-validation/dist/localization/messages_zh.min.js	1.2 kB	2023-03-07	2023-10-14
Pretty URL cjg67.com/static/plugins/jquery-validation/dist/localization/messages_zh.min.js IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:21 Last Seen2023-10-14 05:15:25 Times Seen12 Hash 75962c3c568f4c11dc1021a5ec2b0aaf ff29631e64b62bbfc2d839a95a9da854c92829fc e6397d76477b6bb7afbeda4921443c5d3f23188aefd17fdc44c1155bfded3140 Loading...

	cjg67.com/	2.7 kB	2023-03-14	2023-03-25
Pretty URL cjg67.com/ IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 18:59:19 Last Seen2023-03-25 22:40:35 Times Seen2 Hash 03bdf718de2b3c304c441459fc13a3b1 ba1cff3f8e72333f5149e37f6d3c3e94158d35f0 145906885379b82ff4114f7f872834bd08742e55640d379bdd5c9516baf9c56b Loading...

	cjg67.com/static/js/jquery.cookie.js	3.1 kB	2023-03-07	2024-04-25
Pretty URL cjg67.com/static/js/jquery.cookie.js IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2024-04-25 09:42:49 Times Seen9126 Hash d5528dde0006c78be04817327c2f9b6f 31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8 b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8 Loading...

	www.cpa12345.com/common.js	1.5 kB	2023-03-25	2023-03-25
Pretty URL www.cpa12345.com/common.js IP 156.232.149.162 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash 1e5c2a3f4b91006c2f93de7b50648465 9d735e099a1ede18638333d2f513e82d0617dce9 5b02ebbf4e9774d627ddb5f3af766e4b5837bb8faebf0fabf959d8e6b0c440b2 Loading...

	www.cpa12345.com/555	36 B	2023-03-25	2023-03-25
Pretty URL www.cpa12345.com/555 IP 156.232.149.162 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash dcb74f08095fd1270781248bf75d3dbb 9e136f69ded38c48303a82b0daad243cd94cd705 0ec641e15f5de6c5e446e4dec047d58790f19f6b6b6dc528b27a1339c491f4d9 Loading...

	hm.baidu.com/hm.js?11217bffa780ab3732248ccd4425a922	30 kB	2023-03-25	2023-03-25
Pretty URL hm.baidu.com/hm.js?11217bffa780ab3732248ccd4425a922 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash c166d55b9a0557c7f63885604c890ab2 21de0367d1f55a1b6a6a2bb40454ac4e6b47c34f 5236395c5af483063de759042a1070fa580b5c93c7e86f6dea306e4ee57edfd9 Loading...

	cjg67.com/static/theme-sp/vip1/base.js	4.2 kB	2023-03-07	2023-10-14
Pretty URL cjg67.com/static/theme-sp/vip1/base.js IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:21 Last Seen2023-10-14 05:15:25 Times Seen9 Hash a4f4616f245292a363c9786665631062 b3be3e884fe21e2bb2d1cab43ed21c379c3efc3f f56953a308de1c3943fda90a5cbc1739756b9d3b7e0222915319213b7dcd4c70 Loading...

	cjg67.com/static/ad.js	1.1 kB	2023-03-25	2023-03-25
Pretty URL cjg67.com/static/ad.js IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash 0727e3d0c1a09a03087c6e8f22162fb4 27b43721faa1f0935e87de6761d1d616edb1318b 01e26bfee2a354cc2b2f92a66f9516491bffe2e215adce759d763d5d401066d1 Loading...

	cjg67.com/static/plugins/layer_mobile/layer.js	3.3 kB	2023-03-07	2024-04-25
Pretty URL cjg67.com/static/plugins/layer_mobile/layer.js IP 122.10.10.41 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:12 Last Seen2024-04-25 09:42:49 Times Seen3154 Hash 79b7829af0bbfea5760aa606bf1a02c7 54c27862e41ef815009fca7b54d9d463cfb015bc 2fc4428e63cd5bd982210576674877bd1ba3eb59b9f4686d3668fd94530fa4b7 Loading...

		Size	First Seen	Last Seen
	#1 Write - d503a10814162dfa744ee07339865674	190 B	2023-03-14	2023-03-25
Pretty Observations First Seen2023-03-14 18:59:19 Last Seen2023-03-25 22:40:35 Times Seen2 Hash d503a10814162dfa744ee07339865674 e10052fa6f06784f9a267e02d749df21b593624f eb0c9095f4f4f0e940720aec3b1c63c2c8b06daee4680f597ec506ea0e67aef2 Loading...

	#2 Write - 74312d9fd3d0d77a65b4edf6f7a9d543	169 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 12:43:11 Last Seen2024-04-24 09:12:37 Times Seen2524 Hash 74312d9fd3d0d77a65b4edf6f7a9d543 f8f99b78a90612dba2ab0f2f96d35ef3c77cd3c6 e3932ed210d0dfb6820eacc496a3e5a609b8f011515b9324fe93b5d956a11f08 Loading...

	#3 Write - 50d760fb043000b5d6260521fd080d4f	321 B	2023-03-25	2023-03-25
Pretty Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash 50d760fb043000b5d6260521fd080d4f a91d33508060748c23f26c1a4306c759c0dfc85e 931e0faebe35696cb9f654d5ef17be975da717e1f1accfe2d372776d3f2a9927 Loading...

	#4 Write - b3d902e98dab6923fe97ae105a4b70a8	76 B	2023-03-25	2023-03-25
Pretty Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash b3d902e98dab6923fe97ae105a4b70a8 3dca4d6b06155de743bc9b4e49ac975db5b9d858 bd8cdeeac39b305777a5ff9cb2dfdd0b2ad87cc3310337b38e9af130878c35e7 Loading...

	#5 Write - 3eb008578d90f98496512b16733b3d00	67 B	2023-03-14	2023-08-29
Pretty Observations First Seen2023-03-14 18:59:19 Last Seen2023-08-29 20:50:37 Times Seen4 Hash 3eb008578d90f98496512b16733b3d00 89939c3987c3982bf6f61b536c6137c0d0a2bcdc 886dffac9729055d51b616e06b0c5fcd34f34f513655fa1c857d652bfaf4fb07 Loading...

	#6 Write - a65280767c0e48ade55b98ec44b1c79a	23 B	2023-03-08	2024-04-18
Pretty Observations First Seen2023-03-08 15:50:43 Last Seen2024-04-18 15:49:24 Times Seen35 Hash a65280767c0e48ade55b98ec44b1c79a cfdf090993c12f7f83d7e55d499a8f7324b59f10 58d9efe0d8778b322b95a0f93a9c3d2d84bcc2e5d83f1d27d2ca7226c554f495 Loading...

	#7 Write - 0fcbf74adc5dfe6093b247bad01ee1df	202 B	2023-03-25	2023-03-25
Pretty Observations First Seen2023-03-25 22:40:35 Last Seen2023-03-25 22:40:35 Times Seen1 Hash 0fcbf74adc5dfe6093b247bad01ee1df 4126077ac8a9b0982aeb43006f50e95e0f6db794 2a47939ae383523ce33acc1cbe89f012f4fec2148d2ea0d00555ae6e362269bb Loading...

	#8 Write - f1613640be1a2c320c69477fba8cc725	214 B	2023-03-14	2023-03-25
Pretty Observations First Seen2023-03-14 18:59:19 Last Seen2023-03-25 22:40:35 Times Seen2 Hash f1613640be1a2c320c69477fba8cc725 8972dfd55242fc11c9dfdb3361115e140b7cdd7f d6040cbb9015e190ae343aef0e3a6ba7359ee69b622e54ae7fcba5927a2a9fa6 Loading...

HTTP Transactions (55)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16021
Expires: Tue, 07 Mar 2023 17:50:51 GMT
Date: Tue, 07 Mar 2023 13:23:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0f2c901fe04f9e3d18e9c3387b076780
3f0115cd05d7857a8119eff0479f5812df155d3d
84518fa2565f7f63933d3c552e1dc07f84c71f4a3df5d2821484c371ef57b924

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84518FA2565F7F63933D3C552E1DC07F84C71F4A3DF5D2821484C371EF57B924"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4367
Expires: Tue, 07 Mar 2023 14:36:37 GMT
Date: Tue, 07 Mar 2023 13:23:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Mar 2023 13:08:40 GMT
content-type: application/json
age: 910
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5034bcceb9691ad6244be6045742ab53
51e77cdc92833432cd26b13f28875791a187c63c
540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19059
Expires: Tue, 07 Mar 2023 18:41:29 GMT
Date: Tue, 07 Mar 2023 13:23:50 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Q1IBYcQibKBgxe0DCyl5+5qoIal2LKuqWJvlJoOe52C6mn/sfcbHbd8dFGILRWWKnukTRAe7VJ0=
x-amz-request-id: 9F1RQV7RWM55VV23
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Mar 2023 13:17:35 GMT
age: 375
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Mar 2023 13:23:50 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.cpa12345.com/555

156.232.149.162

200 OK

593 B

URL HTTP/1.1
www.cpa12345.com/555
IP
156.232.149.162:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (895), with CRLF line terminators
Size
593 B (593 bytes)
Hash
1b50ff0a82641ee3e21fe33e2dcabc25
085a2e62aaddbe020a2f75780c82d58c516cd177
b594ae006abdde984b00968e4eef3cb71a17e9032d8952d49f3ac5e4307a1859

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /555 HTTP/1.1
Host: www.cpa12345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.cpa12345.com/common.js

156.232.149.162

200 OK

810 B

URL HTTP/1.1
www.cpa12345.com/common.js
IP
156.232.149.162:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document text\012- HTML document, ASCII text
Size
810 B (810 bytes)
Hash
cc395eea1a022215679c10ed90d6ecbe
daeac3584863ae9d71fe5b75ff2ee6fd6f86c6dc
45b84d2f82680b1bfd38bc2943aeabbdda59d04031d257e7c0a6cce58a78c106

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /common.js HTTP/1.1
Host: www.cpa12345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/555

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:50 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.cpa12345.com/tj.js

156.232.149.162

200 OK

258 B

URL HTTP/1.1
www.cpa12345.com/tj.js
IP
156.232.149.162:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text, with CRLF line terminators
Size
258 B (258 bytes)
Hash
5c3d833c0a741091dcd422c040fd9ece
12caebd03480262c66846b1287f39c891366b3d2
fce25848218876cfd0135c4aff85d156bcbadedbe608af6575c1aca9097dd76c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.cpa12345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/555

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:50 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Mar 2023 13:12:30 GMT
age: 681
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc9a86b8d3035b57b58750f8896202e8
1485042fff689cadbf0c7a540f430993f23d45e3
b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2401
Expires: Tue, 07 Mar 2023 14:03:52 GMT
Date: Tue, 07 Mar 2023 13:23:51 GMT
Connection: keep-alive

www.cpa12345.com/favicon.ico

156.232.149.162

200 OK

1.2 kB

URL HTTP/1.1
www.cpa12345.com/favicon.ico
IP
156.232.149.162:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.cpa12345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/555

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:51 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 12 Mar 2023 13:23:51 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes

push.services.mozilla.com/

54.149.229.221

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.229.221:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +KZ0JryT3SdD/jZ4wXd9lg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eXNInBtqGCbecOLaHf6/r/36PAM=

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
b248a18676e46f85ae12e85470fb2045
decae54274ce881706fa982c28aeca39d18ae6f3
48886c21dad301c36bd288dc81f8a7fce6384226e645ce5de55d29712912fa59

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 11 Mar 2023 12:15:57 GMT
ETag: "decae54274ce881706fa982c28aeca39d18ae6f3"
Last-Modified: Tue, 07 Mar 2023 12:15:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2332
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a4327ca2c4ab517-OSL

cjg67.com/

122.10.10.41

200

12 kB

URL HTTP/1.1
cjg67.com/
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
12 kB (11758 bytes)
Hash
d4176258253b64a16dee434ccfc09587
d2493d8670c881a8432f166c0533639d6cc34b70
09326ba7beb6bf5ea4096bf2348729554199403d37902475b056b7168cdf8ae3

HTTP Headers

GET / HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Server: nginx
Date: Tue, 07 Mar 2023 13:23:51 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=A121DC85D58DA225CCA25DB7476DE7E5; Path=/; HttpOnly
_visitor=93e61c4d2031f68dbe5b08c2c5e84236; Max-Age=8; Expires=Tue, 07-Mar-2023 13:23:59 GMT; Path=/
_visitor_from=www.cpa12345.com; Max-Age=8; Expires=Tue, 07-Mar-2023 13:23:59 GMT; Path=/
Accept-Charset: big5, big5-hkscs, cesu-8, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm290, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-hkscs-2001, x-big5-solaris, x-compound_text, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1166, x-ibm1364, x-ibm1381, x-ibm1383, x-ibm300, x-ibm33722, x-ibm737, x-ibm833, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-ms950-hkscs-xp, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/plugins/layui/css/layui.css

122.10.10.41

200 OK

16 kB

URL HTTP/1.1
cjg67.com/static/plugins/layui/css/layui.css
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text, with very long lines (65479)
Size
16 kB (15533 bytes)
Hash
52940ef99ecf94302b58107853f65e64
9be2f01bd8b0aac3a4d349f5dc6db8bc3f4ac69d
23fee03661c67d3688aa8eb8b17ac3e7b4c8bb08755a447cd7876e290867d03d

HTTP Headers

GET /static/plugins/layui/css/layui.css HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-10f94"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/ad.js

122.10.10.41

200 OK

302 B

URL HTTP/1.1
cjg67.com/static/ad.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document, ASCII text
Size
302 B (302 bytes)
Hash
d4cff60e277fe74bcd9d8d9d7e97196b
89f7d285436b0199b990945c32a6b903b4e6d45a
d3f8cb2a66f34b18a912327132c479952b491db589f757a35e6cf1863dde583c

HTTP Headers

GET /static/ad.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Mon, 06 Mar 2023 08:06:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64059eea-45f"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/plugins/layer_mobile/layer.js

122.10.10.41

200 OK

1.6 kB

URL HTTP/1.1
cjg67.com/static/plugins/layer_mobile/layer.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
Unicode text, UTF-8 text, with very long lines (3204)
Size
1.6 kB (1599 bytes)
Hash
cfcb4fb893ec30fa95a2cac71f2232ac
42caa0317263d82c8d7b218aa65b2ca4171b9d70
ddf707ade54829f62fa9a647be0609ace1a64cd0c43c065f29e3b6332c7dda43

HTTP Headers

GET /static/plugins/layer_mobile/layer.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c5c-ce8"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/js/jquery.metadata.js

122.10.10.41

200 OK

1.6 kB

URL HTTP/1.1
cjg67.com/static/js/jquery.metadata.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.6 kB (1599 bytes)
Hash
a0d999d7ed04127f0dc356b65eb92b46
c2c12ec05fb194264b9b5bbe1f4adf5798c320fc
4bda74e6f434ba29b5c58346e3709973d54c0539ab9faa8ce67b7a5f71432a05

HTTP Headers

GET /static/js/jquery.metadata.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c66-fec"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/plugins/jquery-validation/dist/jquery.validate.min.js

122.10.10.41

200 OK

8.4 kB

URL HTTP/1.1
cjg67.com/static/plugins/jquery-validation/dist/jquery.validate.min.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
Unicode text, UTF-8 text, with very long lines (23122)
Size
8.4 kB (8388 bytes)
Hash
72b1cfcf2406a9ac13a31b970b2195c1
a1857f7b5a35cc81c84ea4d6d459cb9d197069bd
77c61607ec2223d2e252e0beb066b320fb13fed6d270d580082c32d1747ceb0e

HTTP Headers

GET /static/plugins/jquery-validation/dist/jquery.validate.min.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:31:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf2-5add"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/plugins/jquery-validation/dist/localization/messages_zh.min.js

122.10.10.41

200 OK

668 B

URL HTTP/1.1
cjg67.com/static/plugins/jquery-validation/dist/localization/messages_zh.min.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
Unicode text, UTF-8 text, with very long lines (740)
Size
668 B (668 bytes)
Hash
ef20251d8612aa8dd5789975ab6eef63
8e720f643d10de342ede9ddbae7be777052f266f
530d646e657f57cb36fd6ade368a25b1a1bcd5bfa0f336cd97865d05a8be9924

HTTP Headers

GET /static/plugins/jquery-validation/dist/localization/messages_zh.min.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:31:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf2-497"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/theme-sp/vip1/base.js

122.10.10.41

200 OK

2.0 kB

URL HTTP/1.1
cjg67.com/static/theme-sp/vip1/base.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.0 kB (2034 bytes)
Hash
e9598422e4ddedc407880b453861e334
163ebf0d90116eb1eb57ac302e1027c9fde4d788
ff49cae4f2be395d47e4221e5314e1580a83868e787edbf094c575cd3bfd8c13

HTTP Headers

GET /static/theme-sp/vip1/base.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2019 15:54:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dee6e3e-103c"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

push.zhanzhang.baidu.com/push.js

180.101.212.103

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
180.101.212.103:0
ASN
#134770 CHINANET Jiangsu province Suzhou taihu IDC network

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 07 Mar 2023 13:23:52 GMT
Etag: "4078521116"
Expires: Wed, 06 Mar 2024 13:23:52 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=8757BCF5AD51BBA956B2EBCFA3A36683:FG=1; max-age=31536000; expires=Wed, 06-Mar-24 13:23:52 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

cjg67.com/static/js/jquery.cookie.js

122.10.10.41

200 OK

1.4 kB

URL HTTP/1.1
cjg67.com/static/js/jquery.cookie.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text
Size
1.4 kB (1421 bytes)
Hash
4cd3995bf9a06595ba9f10c4e930daa8
0aa715c082f5a12174f0f827372e3aa5fe2116bf
5c6855225fbc78fdbadc7416c2e16b5bcd449424098a6d69c583d0a396ca479e

HTTP Headers

GET /static/js/jquery.cookie.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c66-c31"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/js/jquery-1.10.2.min.js

122.10.10.41

200 OK

37 kB

URL HTTP/1.1
cjg67.com/static/js/jquery-1.10.2.min.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text, with very long lines (32072)
Size
37 kB (36865 bytes)
Hash
fcd5152cb1e5feddf79f5d2213abcc7d
55f59213d31ef055ef2505cdad59e0823c66c087
052635ff1b1c91d40561b01d362d2360c502d81cb974fcb3d47d09c3932b1fdb

HTTP Headers

GET /static/js/jquery-1.10.2.min.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c66-16bb3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/style.cssx?_wd=fake

122.10.10.41

200

0 B

URL HTTP/1.1
cjg67.com/style.cssx?_wd=fake
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /style.cssx?_wd=fake HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *

cjg67.com/static/js/sockjs.min.js

122.10.10.41

200 OK

20 kB

URL HTTP/1.1
cjg67.com/static/js/sockjs.min.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ISO-8859 text, with very long lines (32035), with CRLF line terminators
Size
20 kB (20149 bytes)
Hash
b5f1b4a29f2735906b2bfe152859eeac
ecdfe893d0ea4da86e252e6bd2a162bceb076b37
9f09d6fd95f40ab8d3b41944503084c140fe43b0f990edb2cf2abf2aad2c64c0

HTTP Headers

GET /static/js/sockjs.min.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c66-e715"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive

cjg67.com/static/plugins/layui/layui.all.js

122.10.10.41

200 OK

98 kB

URL HTTP/1.1
cjg67.com/static/plugins/layui/layui.all.js
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
Unicode text, UTF-8 text, with very long lines (65131)
Size
98 kB (97596 bytes)
Hash
a91f27a72acd6f056412bb708a5ab359
ae2e69f7c7bc83a222167a9d7fd151aa5b59bca3
e1ef0edd382626aec52e23bfb9a401ff61a24677ad4942ec142f151aecb94df6

HTTP Headers

GET /static/plugins/layui/layui.all.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-3fca1"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6282 bytes)
Hash
e4a8d319b1ada8f22e8a1874033aba2c
3afc8111b03b662e88e61f4991a20a90d7d4f973
fca961af0737a3f0caa3a8d5762a309b871f54d0c8bd0e6ab4efdee4cf2fa462

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6282
x-amzn-requestid: 7f17d7b2-eff8-4e36-a0b6-661862d08620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOHQGtNIAMFp8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065d61-18f0b0196b949829744dae4c;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: U0xw1_Kqlj1h5fIdhMFyxdB7mqMJRRx7ZpjFOo165GNmsiGruqLHmg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:13:56 GMT
age: 54596
etag: "3afc8111b03b662e88e61f4991a20a90d7d4f973"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3359 bytes)
Hash
e6edb15b0628347e7e7064affe077331
c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26
56c482b858cef1eb56a47dc54b298c31c2dd85cacdc748cea30b3d74a3cda99b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3359
x-amzn-requestid: c884d077-cb85-41c5-adcb-2baac3350d4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOuYHNJIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065e5b-74ab80fe0f96e85957d1a0f3;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 5IlVoIIqNo7P0mzxWpDyuMF8xLoDQqldyINHPFIvnRmLoen0sce1tg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:09:51 GMT
etag: "c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26"
content-type: image/jpeg
age: 54841
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7235 bytes)
Hash
28063b72ccbc658caa4705a87e7a4e12
35a9f5d55ffadd16548d61c99d59e426dd11ce21
a9a2c8104c6c8454eff30437c96b672e230b073623f33a67614fe4fa3ba0645d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7235
x-amzn-requestid: 17b741c5-3911-46a5-b22d-17ef50381ad4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWO15EPHIAMFx-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640591bf-58dbdf76597432b9505f5805;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:09:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: IYw6V_NejqrqRl4UmaUhYInv69UZcaqm8ytploOryAw3Gz4jyJNbdQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 05:13:26 GMT
age: 29426
etag: "35a9f5d55ffadd16548d61c99d59e426dd11ce21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8512 bytes)
Hash
0d9e542d11eb3e8eaf08c83e0d72ea74
3113bde9c7ab14701fc4dbc39eec955b30d70150
c677d4b6fc6cf9c120e4f1844cf4605aeb6c7902fdde34ae21258fbb64d0f79b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8512
x-amzn-requestid: 9f7f00c0-dfb4-4b72-a4be-1a5f3c6f2401
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYNhZHU4oAMFTsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065c6f-5b1f26a475702ce913902e66;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: SRN7vb7fldI_vjnuKgm6wXus67qkokYCVJBJXdCNeCQ7mfxRDKcqaQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 21:54:06 GMT
age: 55786
etag: "3113bde9c7ab14701fc4dbc39eec955b30d70150"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9515 bytes)
Hash
7ec4f2da6f73f59d9a2493697cbaec8c
3513d0fa932a2cf6ec0cf948cfd6e9c67e450824
cbe6ab8f36271592c0febfa90fe92c88d96dce40197e66cb7c06470bf99eccde

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9515
x-amzn-requestid: b2c70ebf-087b-4adf-bc0d-d657586581cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A_J1hHdLoAMFQKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fc5689-632acdce4082512541dc8c1a;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 07:06:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DH-jkcare5_Lmpq_M188dxcLGdvvYb3mj98EAWqe5Z6YCnxff9Xw3w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:38:34 GMT
age: 53118
etag: "3513d0fa932a2cf6ec0cf948cfd6e9c67e450824"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?11217bffa780ab3732248ccd4425a922

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?11217bffa780ab3732248ccd4425a922
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
8bbea8c6090ae46cbd18e3865c9647d4
3f2a7ed0116a02e8fe2e06e59412d701a94b0f1e
7cbf4cfdbfb612f6fa5a2648142a498f9c6f839d0fcf34b5902b28b731242c8a

HTTP Headers

GET /hm.js?11217bffa780ab3732248ccd4425a922 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cpa12345.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 07 Mar 2023 13:23:52 GMT
Etag: d0f2deded22bc01fbc9b0a56205e6dec
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2A63967AA907DE64; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

cjg67.com/static/plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9

122.10.10.41

200 OK

2.0 kB

URL HTTP/1.1
cjg67.com/static/plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text, with very long lines (7480)
Size
2.0 kB (1992 bytes)
Hash
8e9d98ad06a9bf6193bd48081b908b3e
93d48a58c248bb525b775a616d9f676c617358bf
62c32c5dc39f32366134fe68b3868a9b305da856b86232fb65cce19b760a9571

HTTP Headers

GET /static/plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9 HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:53 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-1d71"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/plugins/layui/css/modules/layer/default/layer.css?v=3.1.1

122.10.10.41

200 OK

3.3 kB

URL HTTP/1.1
cjg67.com/static/plugins/layui/css/modules/layer/default/layer.css?v=3.1.1
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text, with very long lines (14368)
Size
3.3 kB (3269 bytes)
Hash
31de70b1f9051220afa7c0d35556a977
e56272fbb5370990fa095a22e74e8baef4e3ca1c
48c4b0cf663a2ea93660e42718518c0f6a47a5d0c5e226a6d1069e763add155b

HTTP Headers

GET /static/plugins/layui/css/modules/layer/default/layer.css?v=3.1.1 HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:53 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-3859"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/plugins/layui/css/modules/code.css

122.10.10.41

200 OK

469 B

URL HTTP/1.1
cjg67.com/static/plugins/layui/css/modules/code.css
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text, with very long lines (1006)
Size
469 B (469 bytes)
Hash
236adf5ac6e3eb5c9897ca29cb8cd580
5b40bf7e0669592f7aaba5b4ff71ab08fd0f5e3b
da2d2fdb7e952114f5a8b67423b1ac2f56c2868f5c82d1a26b7ec85334366074

HTTP Headers

GET /static/plugins/layui/css/modules/code.css HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:53 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-427"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

cjg67.com/static/plugins/layer_mobile/need/layer.css?2.0

122.10.10.41

200 OK

1.4 kB

URL HTTP/1.1
cjg67.com/static/plugins/layer_mobile/need/layer.css?2.0
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text, with very long lines (5260), with no line terminators
Size
1.4 kB (1428 bytes)
Hash
c017a7ee7e0b0d4837752a449028de0f
ad0ab0e7f5fc86ab0cdc195f81f71debd49efe2e
7680ec2e5e4a908ab4b9a1fe598ae95a553b509a639417333f2e49eacf48bf04

HTTP Headers

GET /static/plugins/layer_mobile/need/layer.css?2.0 HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:53 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c5c-148c"
Access-Control-Allow-Origin: *
Content-Encoding: gzip

api.share.baidu.com/s.gif?l=http://www.cpa12345.com/555

180.101.212.103

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.cpa12345.com/555
IP
180.101.212.103:0
ASN
#134770 CHINANET Jiangsu province Suzhou taihu IDC network

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.cpa12345.com/555 HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 07 Mar 2023 13:23:53 GMT

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=113204116&si=11217bffa780ab3732248ccd4425a922&v=1.3.0&lv=1&sn=40688&r=0&ww=1280&u=http%3A%2F%2Fwww.cpa12345.com%2F555&tt=%E5%B7%A2%E6%B9%96%E4%BA%B2%E5%89%BF%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=113204116&si=11217bffa780ab3732248ccd4425a922&v=1.3.0&lv=1&sn=40688&r=0&ww=1280&u=http%3A%2F%2Fwww.cpa12345.com%2F555&tt=%E5%B7%A2%E6%B9%96%E4%BA%B2%E5%89%BF%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=113204116&si=11217bffa780ab3732248ccd4425a922&v=1.3.0&lv=1&sn=40688&r=0&ww=1280&u=http%3A%2F%2Fwww.cpa12345.com%2F555&tt=%E5%B7%A2%E6%B9%96%E4%BA%B2%E5%89%BF%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cpa12345.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 Mar 2023 13:23:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=83A03CBEF7CADFCE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

api.share.baidu.com/s.gif?r=http%3A%2F%2Fwww.cpa12345.com%2F&l=http://cjg67.com/

180.101.212.103

200 OK

23 B

URL HTTP/1.1
api.share.baidu.com/s.gif?r=http%3A%2F%2Fwww.cpa12345.com%2F&l=http://cjg67.com/
IP
180.101.212.103:0
ASN
#134770 CHINANET Jiangsu province Suzhou taihu IDC network

File type
data
Size
23 B (23 bytes)
Hash
f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f

HTTP Headers

GET /s.gif?r=http%3A%2F%2Fwww.cpa12345.com%2F&l=http://cjg67.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cjg67.com/

HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Length: 23
Content-Type: image/gif
Server: bfe
Date: Tue, 07 Mar 2023 13:23:53 GMT

hm.baidu.com/hm.js?394d0ec1fdd0117524d5d73bc05d51e2

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?394d0ec1fdd0117524d5d73bc05d51e2
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (623)
Size
11 kB (11261 bytes)
Hash
e183495b434d0f5e20882569e5e9f023
5aae31a69b503456dd93fe65661c9e27d5a29d79
96b6448ce923d2beb122e7c8806677a902c8f241c356dda0b768054269fb13a2

HTTP Headers

GET /hm.js?394d0ec1fdd0117524d5d73bc05d51e2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11261
Content-Type: application/javascript
Date: Tue, 07 Mar 2023 13:23:52 GMT
Etag: 3c997b9473a37a2cdec03ee915d5615e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2CB2540F9CC7A415; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1101183475&si=394d0ec1fdd0117524d5d73bc05d51e2&su=http%3A%2F%2Fwww.cpa12345.com%2F&v=1.3.0&lv=1&sn=40689&r=0&ww=1280&u=http%3A%2F%2Fcjg67.com%2F&tt=%E8%97%8F%E7%B2%BE%E9%98%81

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1101183475&si=394d0ec1fdd0117524d5d73bc05d51e2&su=http%3A%2F%2Fwww.cpa12345.com%2F&v=1.3.0&lv=1&sn=40689&r=0&ww=1280&u=http%3A%2F%2Fcjg67.com%2F&tt=%E8%97%8F%E7%B2%BE%E9%98%81
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1101183475&si=394d0ec1fdd0117524d5d73bc05d51e2&su=http%3A%2F%2Fwww.cpa12345.com%2F&v=1.3.0&lv=1&sn=40689&r=0&ww=1280&u=http%3A%2F%2Fcjg67.com%2F&tt=%E8%97%8F%E7%B2%BE%E9%98%81 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 Mar 2023 13:23:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B1BF7BCFD260CD20; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
6af4d05eea968a8214f398ad7ce3d764
2f8aeca33caf01d18d02cf4cf95186f82f03a495
fd3f78175f7275be40285838d3ecccfa88f9aeee33451cd63750f2d9abc652ec

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 13:23:54 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 05 Mar 2023 23:17:32 GMT
Expires: Sun, 12 Mar 2023 23:17:31 GMT
Etag: "2f8aeca33caf01d18d02cf4cf95186f82f03a495"
Cache-Control: max-age=467016,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a4327d94fc81c06-OSL

dvcasha2.ocsp-certum.com/

95.101.10.107

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.107:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
b663a45198f5aec3e303bbf2b7dfcf2d
8f1a50022ee7a8dde1b9a361ad113b16982135eb
5a40b0bdb7c4cb13305ce23aa5fc485480b9d901e2e2bc6af9ea2878b5644b15

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=470
Date: Tue, 07 Mar 2023 13:23:54 GMT
Connection: keep-alive
X-N: S

8499165.com/8499/zzxx/960x100.gif

172.247.50.244

200 OK

479 kB

URL HTTP/2
8499165.com/8499/zzxx/960x100.gif
IP
172.247.50.244:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 100\012- data
Size
479 kB (479036 bytes)
Hash
f586fcd7d6a54725a2d0d26355f16a06
338916b44a69b6820f8b741d0c47e68830e6234a
af1a7ed89fa356285f747cd80c8d7d33b980066a02051706c41083edd567414d

HTTP Headers

GET /8499/zzxx/960x100.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 07 Mar 2023 13:23:54 GMT
content-type: image/gif
content-length: 479036
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "74f3c-5f092cf09552f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

595tuchuang.com/960x80.gif

23.224.27.252

200 OK

145 kB

URL HTTP/2
595tuchuang.com/960x80.gif
IP
23.224.27.252:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
145 kB (144990 bytes)
Hash
9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c

HTTP Headers

GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 07 Mar 2023 13:23:55 GMT
content-type: image/gif
content-length: 144990
last-modified: Wed, 21 Dec 2022 13:28:21 GMT
etag: "63a309f5-2365e"
expires: Fri, 31 Mar 2023 16:54:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0f3132fc21f6c771ae4f3a4ce2e819c4
27c77e7184e5cd2e2a68762cc9bbf75a2371a50b
82304684ee7812fbdeb5b0ea73e694eebf14937d8700d5ac14fde26e589248e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 13:23:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Mar 2023 13:50:39 GMT
Expires: Sun, 12 Mar 2023 13:50:38 GMT
Etag: "27c77e7184e5cd2e2a68762cc9bbf75a2371a50b"
Cache-Control: max-age=433001,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a4327e44baab4ed-OSL

688aaa.us/29d05b2c5ae746e7b37ef94d49895331.gif

103.170.15.94

200 OK

746 kB

URL HTTP/1.1
688aaa.us/29d05b2c5ae746e7b37ef94d49895331.gif
IP
103.170.15.94:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
746 kB (746035 bytes)
Hash
51a47f49002ea9dfdfcc5e6eaf3fab70
3a07e996231f93ee7c0426bb99e310e79ab861f4
a298680bd0a8897d02ad92bd0370aedbde69a6f6e52cb60feafde6e0a04bffea

HTTP Headers

GET /29d05b2c5ae746e7b37ef94d49895331.gif HTTP/1.1
Host: 688aaa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63ff44cb-b6233"
Date: Wed, 01 Mar 2023 13:39:39 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 01 Mar 2023 12:27:55 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 746035

cjg67.com/static/plugins/layui/font/iconfont.woff?v=240

122.10.10.41

200 OK

27 kB

URL HTTP/1.1
cjg67.com/static/plugins/layui/font/iconfont.woff?v=240
IP
122.10.10.41:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
Web Open Font Format, TrueType, length 26744, version 1.0\012- data
Size
27 kB (26744 bytes)
Hash
e9caaa0617fa61c01f765960d10da0ef
f116555d117ded6e97229847ba3c8e8ca12e2f2b
6e9dac35a993a17830b37c400415142906634d2b0a7af0b2418a92ed959ae201

HTTP Headers

GET /static/plugins/layui/font/iconfont.woff?v=240 HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cjg67.com/static/plugins/layui/css/layui.css

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:58 GMT
Content-Type: font/woff
Content-Length: 26744
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Connection: keep-alive
ETag: "5daf3cf0-6878"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML