www.js-xinglong.com/appbgnjnydo/
45.200.205.56 | 200 OK | 717 B | URL | User Request | GET HTTP/1.1 | www.js-xinglong.com/appbgnjnydo/
IP 45.200.205.56:80
ASN #135097 LUOGELANG FRANCE LIMITED
File type JavaScript source, Unicode text, UTF-8 text
Hash d7847ef905904e43a3e1f6dec6523dab
d66564126249ae2aa4419a992c55073c0ab27d31
ff4ddd74bbc9fbf80a9d06d5d14c165e58221dbd7f15105da429a0faafe7b2dd
GET /appbgnjnydo/ HTTP/1.1
Host: www.js-xinglong.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 09:33:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip
www.js-xinglong.com/app/tzjs/tz.js
45.200.205.56 | 200 OK | 475 B | URL | GET HTTP/1.1 | www.js-xinglong.com/app/tzjs/tz.js
IP 45.200.205.56:80
ASN #135097 LUOGELANG FRANCE LIMITED
Requested by http://www.js-xinglong.com/appbgnjnydo/
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 8182acb5c8fa78a638cb5bc48a60f1a3
08b40a1fa24975b8296c85f03c99788286a5de82
d69141e092aacfe9ee238338534ee0b9c0240acae9d25d0ae77825222d5a0553
GET /app/tzjs/tz.js HTTP/1.1
Host: www.js-xinglong.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.js-xinglong.com/appbgnjnydo/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 09:33:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 05 Jun 2021 06:55:56 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"60bb1ffc-8d6"
Expires: Fri, 10 May 2024 10:37:46 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hm.baidu.com/hm.js?65d6c3a65380c4108bb847d9128180d1
183.240.98.228 | 200 OK | 11 kB | URL | GET HTTP/1.1 | hm.baidu.com/hm.js?65d6c3a65380c4108bb847d9128180d1
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by http://www.js-xinglong.com/appbgnjnydo/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (617)
Hash 60b4eae1253bbfa5591436dbc628c9c1
cbfd5160af1f7376d4ddc4faf5be95de415f2cd7
607e3d4afe6641c9c607c680db20033a3c97667a0693cc273faf760e9634a465
GET /hm.js?65d6c3a65380c4108bb847d9128180d1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.js-xinglong.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 10 May 2024 09:33:39 GMT
Etag: 8f596de1f0a8171cbbd1fa6ea1afb360
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D3D68C64A5419B43; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1670738406&si=65d6c3a65380c4108bb847d9128180d1&v=1.3.0&lv=1&sn=20530&r=0&ww=1280&u=http%3A%2F%2Fwww.js-xinglong.com%2Fappbgnjnydo%2F&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4AG%E5%8F%91%E8%B4%A2%E7%BD%91
183.240.98.228 | 200 OK | 43 B | URL | GET HTTP/1.1 | hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1670738406&si=65d6c3a65380c4108bb847d9128180d1&v=1.3.0&lv=1&sn=20530&r=0&ww=1280&u=http%3A%2F%2Fwww.js-xinglong.com%2Fappbgnjnydo%2F&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4AG%E5%8F%91%E8%B4%A2%E7%BD%91
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Requested by http://www.js-xinglong.com/appbgnjnydo/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1670738406&si=65d6c3a65380c4108bb847d9128180d1&v=1.3.0&lv=1&sn=20530&r=0&ww=1280&u=http%3A%2F%2Fwww.js-xinglong.com%2Fappbgnjnydo%2F&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4AG%E5%8F%91%E8%B4%A2%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.js-xinglong.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 10 May 2024 09:33:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D76C0B00DCE214F6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
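The hm.gif request above is the Baidu Tongji analytics beacon sent by the hm.js tracker. Its query string carries the page URL (u) and the document title (tt) percent-encoded as UTF-8, plus the Tongji site id (si), which is also the entire query string of the hm.js loader and reappears in the Hm_lvt_/Hm_lpvt_ cookie names sent with the later favicon request. The decoder below is an added example, not part of the original report or of Baidu's code; it works on the beacon URL, loader URL and Cookie header copied from the capture (with https:// prefixed, since both hm.baidu.com requests went to port 443), and the meaning it assigns to each field is my reading of the common Tongji parameters, not an official reference. Decoded, tt is 欢迎光临AG发财网 ("Welcome to AG Facai net", facai meaning getting rich), and the cookie value 1715333620 is 2024-05-10 09:33:40 UTC, the same second as the Date header of the hm.gif response.

```python
"""Decode the hm.baidu.com (Baidu Tongji) beacon shown in the capture above.

Added example, not part of the original report. BEACON_URL, LOADER_URL and
COOKIE_HEADER are copied from the capture (scheme https:// added, since both
hm.baidu.com requests went to port 443). FIELD_NAMES is my reading of the
common Tongji parameters, not an official reference; unknown fields are
passed through under their original one- or two-letter names.
"""
import re
from datetime import datetime, timezone
from urllib.parse import parse_qsl, urlsplit

BEACON_URL = (
    "https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0"
    "&ln=en-us&lo=0&rnd=1670738406&si=65d6c3a65380c4108bb847d9128180d1&v=1.3.0&lv=1"
    "&sn=20530&r=0&ww=1280&u=http%3A%2F%2Fwww.js-xinglong.com%2Fappbgnjnydo%2F"
    "&tt=%E6%AC%A2%E8%BF%8E%E5%85%89%E4%B8%B4AG%E5%8F%91%E8%B4%A2%E7%BD%91"
)
LOADER_URL = "https://hm.baidu.com/hm.js?65d6c3a65380c4108bb847d9128180d1"
COOKIE_HEADER = ("Hm_lvt_65d6c3a65380c4108bb847d9128180d1=1715333620; "
                 "Hm_lpvt_65d6c3a65380c4108bb847d9128180d1=1715333620")

# Assumed field meanings (si = site id, u = page URL, tt = page title, ...).
FIELD_NAMES = {"si": "site_id", "u": "page_url", "tt": "page_title", "ds": "screen",
               "ln": "language", "cl": "color_depth", "v": "tongji_version"}


def decode_beacon(url):
    """Return the beacon's fields under readable names. parse_qsl undoes the
    percent-encoding as UTF-8, which is what turns tt back into the title."""
    raw = dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))
    return {FIELD_NAMES.get(k, k): v for k, v in raw.items()}


def site_id_from_loader(url):
    """hm.js is fetched with the bare site id as its whole query string."""
    return urlsplit(url).query


SITE_ID_RE = re.compile(r"Hm_lp?vt_([0-9a-f]{32})")


def site_ids_from_cookies(cookie_header):
    """Tongji's Hm_lvt_<id> / Hm_lpvt_<id> cookie names embed the site id."""
    return set(SITE_ID_RE.findall(cookie_header))


def cookie_timestamp(cookie_header, name_prefix):
    """Hm_lvt_/Hm_lpvt_ values are Unix seconds; render one as UTC."""
    m = re.search(name_prefix + r"_[0-9a-f]{32}=(\d+)", cookie_header)
    ts = datetime.fromtimestamp(int(m.group(1)), tz=timezone.utc)
    return ts.strftime("%Y-%m-%d %H:%M:%S UTC")


def same_site_id(beacon_url, loader_url, cookie_header):
    """True when beacon, loader and cookies all carry one and the same site id."""
    sid = decode_beacon(beacon_url)["site_id"]
    return (sid == site_id_from_loader(loader_url)
            and site_ids_from_cookies(cookie_header) == {sid})


if __name__ == "__main__":
    for key, value in decode_beacon(BEACON_URL).items():
        print(f"{key:16} {value}")
    print("last page view:", cookie_timestamp(COOKIE_HEADER, "Hm_lpvt"))
    print("ids consistent:", same_site_id(BEACON_URL, LOADER_URL, COOKIE_HEADER))
```

The site id is the value to pivot on when hunting: any other page that loads hm.js?65d6c3a65380c4108bb847d9128180d1 is registered under the same Tongji account as this one, whatever hostname it is served from.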
www.js-xinglong.com/app/tzjs/zl.js
45.200.205.56 | 200 OK | 660 B | URL | GET HTTP/1.1 | www.js-xinglong.com/app/tzjs/zl.js
IP 45.200.205.56:80
ASN #135097 LUOGELANG FRANCE LIMITED
Requested by http://www.js-xinglong.com/appbgnjnydo/
File type ASCII text, with CRLF line terminators
Hash 0e1f973e49a0fb137a66bcea27b5ca84
44eb3851fcb5e2468c7b8e741ed987efb1145bb1
ed74584fd08d4dffc7f67daca1846a25e4b04ecd373ce88a0185c3c3a7f16592
GET /app/tzjs/zl.js HTTP/1.1
Host: www.js-xinglong.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.js-xinglong.com/appbgnjnydo/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 09:33:40 GMT
Content-Type: application/javascript
Content-Length: 660
Connection: keep-alive
Last-Modified: Fri, 27 Aug 2021 02:46:44 GMT
ETag: "61285214-294"
Expires: Fri, 10 May 2024 18:00:41 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.js-xinglong.com/favicon.ico
45.200.205.56 | 200 OK | 34 kB | URL | GET HTTP/1.1 | www.js-xinglong.com/favicon.ico
IP 45.200.205.56:80
ASN #135097 LUOGELANG FRANCE LIMITED
Requested by http://www.js-xinglong.com/appbgnjnydo/
File type MS Windows icon resource - 5 icons, 64x64, 32 bits/pixel, 48x48, 32 bits/pixel
Hash f64943010fe01df6b2194ca2c0f1271f
d7e2f2c13cea4554dc877261676273376c217f00
7f50d4acbf76a423ac781f90550ecf97b5a3393a735d58a6d5cb077f94b265d1
GET /favicon.ico HTTP/1.1
Host: www.js-xinglong.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.js-xinglong.com/appbgnjnydo/
Cookie: Hm_lvt_65d6c3a65380c4108bb847d9128180d1=1715333620; Hm_lpvt_65d6c3a65380c4108bb847d9128180d1=1715333620
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 09:33:40 GMT
Content-Type: image/x-icon
Content-Length: 34494
Last-Modified: Fri, 03 May 2019 00:49:26 GMT
Connection: keep-alive
ETag: "5ccb9016-86be"
Accept-Ranges: bytes
www.z9899.com/
0.0.0.0 | 0 B
IP 0.0.0.0:0
Requested by http://www.js-xinglong.com/appbgnjnydo/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(the three values above are the MD5, SHA-1 and SHA-256 of a zero-length body: the sinkholed request returned no content, so they identify nothing and should not be treated as indicators)
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.z9899.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.js-xinglong.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
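A triage pass over the seven requests above, as an added example that is not part of the original report. It copies the URL, resolved IP:port, Referer, response Content-Type, the analyzer's file-type string, MD5 and the Sec-Fetch-* request headers of each request into a reduced table, then applies the checks a practitioner would want on this capture: the request that resolved to 0.0.0.0 with a Quad9 sinkhole verdict; the cross-site frame navigation (Sec-Fetch-Dest: frame, Sec-Fetch-Site: cross-site) that pulled www.z9899.com into the landing page; responses whose Content-Type disagrees with the file type the analyzer identified (tz.js is served as application/javascript but identified as an HTML document); and resources served over cleartext HTTP. It also builds an indicator list that drops the 0.0.0.0 address and the well-known digests of an empty body, which would otherwise end up on a blocklist. The rule names, the EXPECTED_MAGIC table and the reduced table layout are mine; every value in TRANSACTIONS is copied from the capture.

```python
"""Triage of the transaction list above.

Added example, not part of the original report. TRANSACTIONS is a hand-copied,
reduced version of the seven requests in the capture; "" marks a field the
report does not show for that request. Rule names and EXPECTED_MAGIC are mine.
"""
from urllib.parse import urlsplit

EMPTY_DIGESTS = {  # MD5, SHA-1 and SHA-256 of a zero-length body
    "d41d8cd98f00b204e9800998ecf8427e",
    "da39a3ee5e6b4b0d3255bfef95601890afd80709",
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
}

MAIN = "http://www.js-xinglong.com/appbgnjnydo/"


def tx(url, ip, referer, ct, ftype, md5, dest="", site="", verdict=""):
    return {"url": url, "ip": ip, "referer": referer, "content_type": ct,
            "file_type": ftype, "md5": md5, "sec_fetch_dest": dest,
            "sec_fetch_site": site, "verdict": verdict}


TRANSACTIONS = [
    tx(MAIN, "45.200.205.56:80", "", "text/html; charset=UTF-8",
       "JavaScript source, Unicode text, UTF-8 text", "d7847ef905904e43a3e1f6dec6523dab"),
    tx("http://www.js-xinglong.com/app/tzjs/tz.js", "45.200.205.56:80", MAIN,
       "application/javascript",
       "HTML document, Unicode text, UTF-8 text, with CRLF line terminators",
       "8182acb5c8fa78a638cb5bc48a60f1a3"),
    tx("https://hm.baidu.com/hm.js?65d6c3a65380c4108bb847d9128180d1", "183.240.98.228:443",
       "http://www.js-xinglong.com/", "application/javascript",
       "JavaScript source, ASCII text, with very long lines (617)",
       "60b4eae1253bbfa5591436dbc628c9c1", "script", "cross-site"),
    # hm.gif: the long tracking query string is left out of this reduced copy
    tx("https://hm.baidu.com/hm.gif", "183.240.98.228:443", "http://www.js-xinglong.com/",
       "image/gif", "GIF image data, version 89a, 1 x 1",
       "ad4b0f606e0f8465bc4c4c170b37e1a3", "image", "cross-site"),
    tx("http://www.js-xinglong.com/app/tzjs/zl.js", "45.200.205.56:80", MAIN,
       "application/javascript", "ASCII text, with CRLF line terminators",
       "0e1f973e49a0fb137a66bcea27b5ca84"),
    tx("http://www.js-xinglong.com/favicon.ico", "45.200.205.56:80", MAIN, "image/x-icon",
       "MS Windows icon resource - 5 icons, 64x64, 32 bits/pixel, 48x48, 32 bits/pixel",
       "f64943010fe01df6b2194ca2c0f1271f"),
    tx("http://www.z9899.com/", "0.0.0.0:0", "http://www.js-xinglong.com/", "", "",
       "d41d8cd98f00b204e9800998ecf8427e", "frame", "cross-site",
       "Quad9 DNS malicious Sinkholed"),
]

# Substring the analyzer's file-type string should contain for a Content-Type.
EXPECTED_MAGIC = {"application/javascript": "JavaScript", "text/html": "HTML",
                  "image/gif": "GIF", "image/x-icon": "icon"}


def host(url):
    return urlsplit(url).hostname


def triage(txs):
    """Return (rule, url) findings in capture order."""
    findings = []
    for t in txs:
        if t["ip"].startswith("0.0.0.0") or "Sinkholed" in t["verdict"]:
            findings.append(("sinkholed", t["url"]))
        if t["sec_fetch_site"] == "cross-site" and t["sec_fetch_dest"] == "frame":
            findings.append(("cross_site_frame", t["url"]))
        mime = t["content_type"].split(";")[0].strip()
        want = EXPECTED_MAGIC.get(mime)
        if want and want not in t["file_type"]:
            findings.append(("type_mismatch", t["url"]))
        if urlsplit(t["url"]).scheme == "http" and t["content_type"]:
            findings.append(("cleartext_http", t["url"]))
    return findings


def iocs(txs):
    """Indicators worth recording: hosts, IPs and hashes, minus sinkhole noise."""
    return {
        "hosts": {host(t["url"]) for t in txs},
        "ips": {t["ip"].rsplit(":", 1)[0] for t in txs if not t["ip"].startswith("0.0.0.0")},
        "md5": {t["md5"] for t in txs if t["md5"] not in EMPTY_DIGESTS},
    }


def third_party_hosts(txs):
    """Hosts other than the landing page's own."""
    first = host(txs[0]["url"])
    return {host(t["url"]) for t in txs if host(t["url"]) != first}


if __name__ == "__main__":
    for rule, url in triage(TRANSACTIONS):
        print(f"{rule:18} {url}")
    print(iocs(TRANSACTIONS))
    print("third-party:", third_party_hosts(TRANSACTIONS))
```

The type_mismatch rule also fires on the landing page (text/html identified as JavaScript source) and on zl.js (identified only as ASCII text), so it is a prompt to open the file, not a verdict by itself; the sinkholed and cross_site_frame findings on www.z9899.com are the ones that make this capture worth escalating.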