Report - www.pjgxw.net/15996/

Report Overview

Submitted URL
www.pjgxw.net/15996/
IP
107.148.71.57
ASN
#54600 PEGTECHINC
Submitted
2022-11-30 23:51:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.149.164
www.pjgxw.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	328 kB	107.148.71.57
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.trust-provider.cn	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	1.3 kB	47.246.44.205
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	45 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.33.119.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	www.pjgxw.net/15996/	Phishing
2022-11-30	medium	www.pjgxw.net/15996/	Phishing
2022-11-30	medium	www.pjgxw.net/404/js/jquery.min.js	Phishing
2022-11-30	medium	www.pjgxw.net/index.html	Phishing
2022-11-30	medium	www.pjgxw.net/js/jquery.switchable.min.js	Phishing
2022-11-30	medium	www.pjgxw.net/js/index.js	Phishing
2022-11-30	medium	www.pjgxw.net/All/test/js/All.js	Phishing
2022-11-30	medium	www.pjgxw.net/js/jquery-1.7.2.min.js	Phishing
2022-11-30	medium	www.pjgxw.net/js/demo.js	Phishing
2022-11-30	medium	www.pjgxw.net/js/demoms.js	Phishing
2022-11-30	medium	www.pjgxw.net/js/demons.js	Phishing
2022-11-30	medium	www.pjgxw.net/png/m2_1.webp	Phishing
2022-11-30	medium	www.pjgxw.net/png/m3_1.webp	Phishing
2022-11-30	medium	www.pjgxw.net/png/m2_2.webp	Phishing
2022-11-30	medium	www.pjgxw.net/png/m3_2.webp	Phishing
2022-11-30	medium	www.pjgxw.net/png/m1_1.webp	Phishing
2022-11-30	medium	www.pjgxw.net/png/m1_2.webp	Phishing
2022-11-30	medium	www.pjgxw.net/png/tb1.webp	Phishing
2022-11-30	medium	www.pjgxw.net/png/tb2.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/lg.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/m_fg.webp	Phishing
2022-11-30	medium	www.pjgxw.net/png/lgr.webp	Phishing
2022-11-30	medium	www.pjgxw.net/png/yy.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/nr1_p.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/lxm.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/list.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/gs_tp.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/dt_tp.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/xmt.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/201792616224585.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/2017926114417167.webp	Phishing
2022-11-30	medium	www.pjgxw.net/jpg/2017926114555809.webp	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	www.pjgxw.net/js/jquery.switchable.min.js	4.6 kB	2023-03-08	2023-03-12
Pretty URL www.pjgxw.net/js/jquery.switchable.min.js IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:30:19 Last Seen2023-03-12 14:21:47 Times Seen1 Hash 591994bb1525d2ed122cff6f4dcf0f54 447b5c1178ffcc7b451ee114347f79a54333fd25 3239c5f75c6b32b59d02467323172902ef41159f5a75f6c2ab1f23e02766d27e Loading...

	www.pjgxw.net/All/test/js/All.js	262 B	2023-03-08	2023-05-29
Pretty URL www.pjgxw.net/All/test/js/All.js IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:30:19 Last Seen2023-05-29 17:38:15 Times Seen5 Hash 2f58c787d9c696da162103a0fc0891e5 5916575e958cfb8aa06342497cb938e4fe4565eb 623d11aeb9ab7be1dc6bca135d8f7a7f211f805212031208caac1486cb4689c5 Loading...

	www.pjgxw.net/js/demo.js	364 B	2023-03-08	2023-03-12
Pretty URL www.pjgxw.net/js/demo.js IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:30:19 Last Seen2023-03-12 14:21:47 Times Seen1 Hash c24e67a14f5051c12aeb0dbb29090226 021bce064e0e2718df36551021fa6e377f0318d7 5b0054ec5c63b191161053e0c181d39750554b0ec8533f37bb6225f2fa6d9da8 Loading...

	www.pjgxw.net/js/demons.js	374 B	2023-03-08	2023-03-12
Pretty URL www.pjgxw.net/js/demons.js IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:30:19 Last Seen2023-03-12 14:21:47 Times Seen1 Hash 0fde400a575417e232bba9f2480fb797 9facfad862c53c4d2ddba1862cf0f9a7c810ed6a ae771aa1f9065be4e005eeecaa9f43bdfb13c778b9622d36e8a867d34151ebe9 Loading...

	www.pjgxw.net/js/demoms.js	380 B	2023-03-08	2023-03-12
Pretty URL www.pjgxw.net/js/demoms.js IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:30:19 Last Seen2023-03-12 14:21:47 Times Seen1 Hash 4d71fedd7556a46aaf3617e44011e5ea b85f8e71aef7b853ad0dd473131c8e80536d3cbb 341acc815f59399c62e035a1ec5d294c7dab3f2e6df49f8a11b511fcb864c2c4 Loading...

	www.pjgxw.net/404/js/jquery.min.js	96 kB	2023-03-07	2024-04-25
Pretty URL www.pjgxw.net/404/js/jquery.min.js IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 18:54:18 Times Seen46346 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	www.pjgxw.net/15996/	359 B	2023-03-08	2023-03-12
Pretty URL www.pjgxw.net/15996/ IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:30:19 Last Seen2023-03-12 14:21:47 Times Seen1 Hash 61c2ab7f2bf7f30e52d0446ff3cfabbd 472039e0577130bca8678817eec31bbed27d69dc 2292604c04c642f1926dbe3b01c8cad0635f29c45889a83a0aefb62a3aac169f Loading...

	www.pjgxw.net/js/jquery-1.7.2.min.js	95 kB	2023-03-07	2024-04-21
Pretty URL www.pjgxw.net/js/jquery-1.7.2.min.js IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:27 Last Seen2024-04-21 08:39:25 Times Seen863 Hash acc0adc6c188845a409bf158d2de4451 881a17148bea7a96d05063d035f74bd6353fbb3e 4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889 Loading...

	www.pjgxw.net/js/index.js	2.9 kB	2023-03-08	2023-03-12
Pretty URL www.pjgxw.net/js/index.js IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:30:19 Last Seen2023-03-12 14:21:47 Times Seen1 Hash cf0decd837fc8afc82cbf328bda5f082 b7d7f36e43bec1bf6ae77ec6b9a53e7987cabe06 ea19bab27854f6bdf996815c79ec5a8c85b9fad7672f776dddb8456b11a806de Loading...

	www.pjgxw.net/index.html	618 B	2023-03-08	2023-03-13
Pretty URL www.pjgxw.net/index.html IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:32:36 Last Seen2023-03-13 02:22:41 Times Seen1 Hash 76a0ed616503781e8e624e9bd2c2280b db2e3eba5c08cd73d7400934909804b7ff6e1080 87e3300bd41db7a178b4a8ebd3db771d45e2b2ab33f8ed5dad696489d531106d Loading...

	www.pjgxw.net/index.html	190 B	2023-03-08	2023-03-12
Pretty URL www.pjgxw.net/index.html IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:30:19 Last Seen2023-03-12 14:21:47 Times Seen1 Hash 89d5e56bcad7d507530b459b687f6398 023b0f0ea159def795e94c59b2b77e07ddeda3e3 bf2c344ff41651df0969aedbf59b006f8d3def7c18d5fef6282d1bd632e227e7 Loading...

	www.pjgxw.net/index.html	696 B	2023-03-08	2023-03-12
Pretty URL www.pjgxw.net/index.html IP 107.148.71.57 ASN #54600 PEGTECHINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:30:19 Last Seen2023-03-12 14:21:47 Times Seen1 Hash 3354f09da9dba5b6a8a56065c20468df e08082dc190fa996a2cb1b9ccdcc83b5a588b8e1 0f43dc871373efd778bf6f456a6a988b5dc43e46892c0a701064bee5a08f0eab Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1aa9314530c4d5ef80e51184141e007c	5.8 kB	2023-03-08	2024-01-25
Pretty Observations First Seen2023-03-08 16:30:19 Last Seen2024-01-25 00:44:46 Times Seen63 Hash 1aa9314530c4d5ef80e51184141e007c f164581b5aa13a0c1a5f38c63e82c387046f5d39 c266062fff597579c6b4ada10f17031d8923c47e3bc640ff0e47768f66580cde Loading...

HTTP Transactions (59)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12471
Expires: Thu, 01 Dec 2022 03:18:59 GMT
Date: Wed, 30 Nov 2022 23:51:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14417
Expires: Thu, 01 Dec 2022 03:51:25 GMT
Date: Wed, 30 Nov 2022 23:51:08 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4165
Cache-Control: max-age=128976
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:51:08 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:40:44 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: FSMXc6MWjM88zTDbkgvKJzxcYXCxDXXmQDH22cbyAz7xPF37Xr2GTxBQ168+4YJPzn01RDJPxqE=
x-amz-request-id: DMXZ24YEJMAGDAK7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 23:45:26 GMT
age: 342
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.pjgxw.net/15996/

107.148.71.57

301 Moved Permanently

162 B

URL HTTP/1.1
www.pjgxw.net/15996/
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /15996/ HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 30 Nov 2022 23:50:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.pjgxw.net/15996/

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 23:19:44 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1884
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 23:51:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 23:08:56 GMT
cache-control: public,max-age=3600
age: 2532
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4163
Cache-Control: max-age=123906
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:51:08 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:16:14 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.149.149.164

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.149.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QPDZWteBHvYvRT0lCCNpMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0VDjqce9YQ0cWWgU23I/XvyQHzk=

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
7e77308edea0980f610e67a89347aeda
15dcc9d15745a3865e20184a6135ca397043787d
ed67c89bee0343c63a7d5024a71f22436c7d75c2a824032bcdf1626169b1567a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 30 Nov 2022 23:51:09 GMT
last-modified: Tue, 29 Nov 2022 14:56:12 GMT
expires: Tue, 06 Dec 2022 14:56:11 GMT
etag: "15dcc9d15745a3865e20184a6135ca397043787d"
cache-control: max-age=485701,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb6
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 77277d4c5d2c92b3-FRA
via: cache25.l2de2[32,0], cache2.se1[55,0], cache3.se1[56,0]
timing-allow-origin: *, *
eagleid: 2ff62c9716698522694584137e, 2ff62c9716698522694584137e

www.pjgxw.net/15996/

107.148.71.57

404 Not Found

798 B

URL HTTP/1.1
www.pjgxw.net/15996/
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
798 B (798 bytes)
Hash
3f2019888a49737763e07c8c76f002be
e9615330d110d4a596bfc08ea22041a2b74994fd
70a3878f9956dadadb99f59a141c0f4fb806ecdb071ef8e55bd67c325c3c2f8a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /15996/ HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 30 Nov 2022 23:50:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cabb70a-518"
Content-Encoding: gzip

www.pjgxw.net/404/css/reset.css

107.148.71.57

200 OK

560 B

URL HTTP/1.1
www.pjgxw.net/404/css/reset.css
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with CRLF line terminators
Size
560 B (560 bytes)
Hash
650599a6cd9f8db5a98e28bd4c675ee7
955a97a6e613e9122763f0f4807dc61fad28dac8
47a3b2bfe968226b59b03dd9f9ad573d7feaf9dcbc4378b89700f4a4e915762b

HTTP Headers

GET /404/css/reset.css HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/15996/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:33 GMT
Content-Type: text/css
Last-Modified: Thu, 16 Nov 2017 19:29:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5a0de72e-408"
Expires: Thu, 01 Dec 2022 11:50:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.pjgxw.net/404/css/404.css

107.148.71.57

200 OK

801 B

URL HTTP/1.1
www.pjgxw.net/404/css/404.css
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with CRLF line terminators
Size
801 B (801 bytes)
Hash
4821440ad503edbb00d5452e2085d587
31ab1960e362f704a4111b3105efdb0cd77b7b8f
3caf305d63b969fffa3d56bbe7f213e0ac97473fa0b363f19cc900a60dc32e2b

HTTP Headers

GET /404/css/404.css HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/15996/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:33 GMT
Content-Type: text/css
Content-Length: 801
Last-Modified: Thu, 16 Nov 2017 19:34:18 GMT
Connection: keep-alive
ETag: "5a0de83a-321"
Expires: Thu, 01 Dec 2022 11:50:33 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2868
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 23:51:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2868
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 23:51:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2868
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 23:51:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2868
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 23:51:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2868
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 23:51:10 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12655 bytes)
Hash
1039182464db1365a476dd88029b97d8
06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac
2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12655
x-amzn-requestid: db51cc10-5e13-4d63-a15b-a1c62b159f7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzNfFvloAMFgqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbef-67ec32d74521865c7f800ac6;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mctLVf0ho2G4skGRA0gpSH5HVoAUeH7YOyY1QA4_abODLKqRIX0eTg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:09:11 GMT
etag: "06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac"
content-type: image/jpeg
age: 6119
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.2 kB (2150 bytes)
Hash
995eb3df7ec5507e3392fdb1ca6395b4
9bc2e9039e9340b83ffcfb90e4e2c631a8723e60
4c86fdcd3b338040ea8130ee6a1ed5c3bd66c4dd59fe461f81e5df88a379ebb3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2150
x-amzn-requestid: b8ce8dbd-9109-4abc-9136-e4ac1ec37f15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPdIFGdooAMFQmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382dbcd-6a718efd51051576132dd523;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:38:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z8LtaO2ywz0X9cGNU18a5eyA9jIy6hL9dEaZgcecoggpEelDxiTy7w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 14:43:12 GMT
age: 32878
etag: "9bc2e9039e9340b83ffcfb90e4e2c631a8723e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9613 bytes)
Hash
b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: a46cc458-2e28-4ca7-b223-ba66256caef1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfmEmKoAMFZvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f96-7ecee5764c4a40e50e5b1f98;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6p5kV3OCTlaiLWEa9wyeRJOYoxPNZwLhXGIbEnymaufjKL246zfrhw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 06:20:48 GMT
age: 63022
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4199 bytes)
Hash
4fd5f7a9e04d27654062b3e18b8aecca
07fafbd614cdb49f20bceea29d5e684725d3bdf6
0cb64a9a33f66b92eed5a591b6c368f3d74363941d8876e553a8ea6aaa547590

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4199
x-amzn-requestid: 61981ad5-3560-43e1-a1cd-37f823e89675
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQxoEz5IAMFzQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c80a-291574e42bee51b2523b3920;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fL5AwXN4Kitj3BB3DyYyYfFYk3GRgLvhNNTiQKrDcxPR6mkfzyUuzQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:05:04 GMT
age: 12898
etag: "07fafbd614cdb49f20bceea29d5e684725d3bdf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4409 bytes)
Hash
b8802d5080eb35e4052ef31cf7658650
1e78566f2e69268c5f753fb49112ab07aae3eccf
9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4409
x-amzn-requestid: cb422842-e955-4749-8b2a-3c028a09c20f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz7XEE2IAMFY3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd15-3c4d1a6d4d542e81179ea8ba;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zYLCQ4DUQtMklG-T-ATot22PDIUMjnN1wpVkoHBh4Oa3TAyNzTv86g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:45 GMT
age: 7285
etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5295 bytes)
Hash
eb4b8985f697c1ff7753d3961fb4f67d
b412d62d44993500b947a38e8e242d0c6d6b7588
571c1543cd99b08e62438146f383bf48a9172ae377b4c17dbc6c8c58bdbb5803

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5295
x-amzn-requestid: e9c096df-2dba-408c-b45a-d114755fa883
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzM0HmuoAMF4Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbeb-5808a0756f4180a0613cdbcd;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUjE1-vViTaS5s23OSlhLlxC597y0etgzMYGUdlqdpHBTK_ww5DEYA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:17:18 GMT
age: 5632
etag: "b412d62d44993500b947a38e8e242d0c6d6b7588"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.pjgxw.net/404/js/jquery.min.js

107.148.71.57

200 OK

37 kB

URL HTTP/1.1
www.pjgxw.net/404/js/jquery.min.js
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with very long lines (32086)
Size
37 kB (37386 bytes)
Hash
2adc9cff004de22211d32def6198c0f6
db38c30a54aa9c6f7ecda86dad98a5436765216f
a1cd5a94c395c68e04ae01fe699820e1547e08ce41050f7523581ef552324ac1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /404/js/jquery.min.js HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/15996/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:33 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Nov 2017 19:30:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5a0de742-1762a"
Expires: Thu, 01 Dec 2022 11:50:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.pjgxw.net/favicon.ico

107.148.71.57

200 OK

1.4 kB

URL HTTP/1.1
www.pjgxw.net/favicon.ico
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Size
1.4 kB (1406 bytes)
Hash
3d72791cded502f5ae6a752fb7e0d95e
79b5b9c8c0aac8809844a4cf7ddcbe67614c7966
89a6a5aa0ce8e0b2af3cff1714b35f117daf9113c71f74062d2fbb307968e7ad

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/15996/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:33 GMT
Content-Type: image/x-icon
Content-Length: 1406
Last-Modified: Tue, 05 Jun 2018 15:42:04 GMT
Connection: keep-alive
ETag: "5b16af4c-57e"
Accept-Ranges: bytes

www.pjgxw.net/404/img/404.png

107.148.71.57

200 OK

1.6 kB

URL HTTP/1.1
www.pjgxw.net/404/img/404.png
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 242 x 106, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1584 bytes)
Hash
78c6e68114e96e93e548070cb974608d
60b26b8eea97cd6b112da49eee49eba45d8906e4
85e125f5b8c51ca55f1fc6acda45c0a0c4beb90b631dd351f50a45459d0aa079

HTTP Headers

GET /404/img/404.png HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/404/css/404.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:33 GMT
Content-Type: image/png
Content-Length: 1584
Last-Modified: Thu, 16 Nov 2017 19:30:26 GMT
Connection: keep-alive
ETag: "5a0de752-630"
Expires: Fri, 30 Dec 2022 23:50:33 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.pjgxw.net/404/img/404-bg.png

107.148.71.57

200 OK

45 kB

URL HTTP/1.1
www.pjgxw.net/404/img/404-bg.png
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
PNG image data, 346 x 279, 8-bit/color RGBA, non-interlaced\012- data
Size
45 kB (45047 bytes)
Hash
a6a0fe0df2640475345704113aac5c6b
62ef2af68a940db461b41b6cb51c989dc089c643
d461a05157b62d225adce33f2fb8afb5cf55a79498734705c0e50ed93624af23

HTTP Headers

GET /404/img/404-bg.png HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/404/css/404.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:33 GMT
Content-Type: image/png
Content-Length: 45047
Last-Modified: Thu, 16 Nov 2017 19:30:24 GMT
Connection: keep-alive
ETag: "5a0de750-aff7"
Expires: Fri, 30 Dec 2022 23:50:33 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.pjgxw.net/index.html

107.148.71.57

200 OK

12 kB

URL HTTP/1.1
www.pjgxw.net/index.html
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (7374), with CRLF line terminators
Size
12 kB (12070 bytes)
Hash
adf73c143520c3063508fff2b4e5e1fa
2c7a8e148af2ae5a49ac3068e1a99cbc1174fd15
eb0a120b4db7b4f63fa5d5e1880a0a5d37b943a0c96e023b02e5c079ef6f4cfa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index.html HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/15996/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:38 GMT
Content-Type: text/html
Last-Modified: Thu, 24 Feb 2022 19:48:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6217e12a-d242"
Content-Encoding: gzip

www.pjgxw.net/css/defaultskin.css

107.148.71.57

200 OK

2.8 kB

URL HTTP/1.1
www.pjgxw.net/css/defaultskin.css
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
exported SGML document, ISO-8859 text, with CRLF line terminators
Size
2.8 kB (2841 bytes)
Hash
3c3eacb13462387a208a44dada3a9d67
662d9ab096eb8e67262d0f6b8567fafa28904b10
19534c0eb428ebe80f0183b10dc939c1918a36774440d8fa7becfe2bc02d1211

HTTP Headers

GET /css/defaultskin.css HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: text/css
Last-Modified: Thu, 17 Feb 2022 03:36:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"620dc2ca-2b92"
Expires: Thu, 01 Dec 2022 11:50:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.pjgxw.net/js/jquery.switchable.min.js

107.148.71.57

200 OK

2.8 kB

URL HTTP/1.1
www.pjgxw.net/js/jquery.switchable.min.js
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
Unicode text, UTF-8 text, with very long lines (4429), with CRLF line terminators
Size
2.8 kB (2782 bytes)
Hash
44809dc5e44ed60feb890f7ecf3390e8
1eccaa689b94ce488b9031820f11fc6479045a4e
ed26987675b14c0cf06c185e54643d57953dd5a9c15a8dc2ab5ec8cd76b00408

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.switchable.min.js HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: application/javascript
Last-Modified: Wed, 27 Jul 2016 21:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"57992220-11e2"
Expires: Thu, 01 Dec 2022 11:50:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.pjgxw.net/js/index.js

107.148.71.57

200 OK

1.3 kB

URL HTTP/1.1
www.pjgxw.net/js/index.js
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.3 kB (1267 bytes)
Hash
e656b02509f6c5f7b74ce1f100c51589
ee8827007e6888f78e7473a2b04e529fb663ce8a
2d49fc2282f66ce022075f0bea77453bda38f961af695beed1c7ea56e06acbf9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/index.js HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: application/javascript
Last-Modified: Wed, 27 Jul 2016 21:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"57992220-b25"
Expires: Thu, 01 Dec 2022 11:50:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.pjgxw.net/All/test/js/All.js

107.148.71.57

200 OK

262 B

URL HTTP/1.1
www.pjgxw.net/All/test/js/All.js
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with CRLF line terminators
Size
262 B (262 bytes)
Hash
2f58c787d9c696da162103a0fc0891e5
5916575e958cfb8aa06342497cb938e4fe4565eb
623d11aeb9ab7be1dc6bca135d8f7a7f211f805212031208caac1486cb4689c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /All/test/js/All.js HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: application/javascript
Content-Length: 262
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 06:08:07 GMT
ETag: "63329347-106"
Expires: Thu, 01 Dec 2022 11:50:39 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

www.pjgxw.net/js/jquery-1.7.2.min.js

107.148.71.57

200 OK

38 kB

URL HTTP/1.1
www.pjgxw.net/js/jquery-1.7.2.min.js
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769), with CRLF line terminators
Size
38 kB (37730 bytes)
Hash
0893043d70522574eb83c8679ee8b1ba
6ce54e48ddfb84c36b2c7301a0f5cff001ac7ef5
cbee5c07556235631fbb6a36bb7eda3e4a55c687fc81ccb624ca06eaee30ac7c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-1.7.2.min.js HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: application/javascript
Last-Modified: Wed, 27 Jul 2016 21:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"57992220-1727a"
Expires: Thu, 01 Dec 2022 11:50:39 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.pjgxw.net/js/demo.js

107.148.71.57

200 OK

364 B

URL HTTP/1.1
www.pjgxw.net/js/demo.js
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with CRLF line terminators
Size
364 B (364 bytes)
Hash
c24e67a14f5051c12aeb0dbb29090226
021bce064e0e2718df36551021fa6e377f0318d7
5b0054ec5c63b191161053e0c181d39750554b0ec8533f37bb6225f2fa6d9da8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/demo.js HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: application/javascript
Content-Length: 364
Last-Modified: Wed, 27 Jul 2016 21:05:36 GMT
Connection: keep-alive
ETag: "57992220-16c"
Expires: Thu, 01 Dec 2022 11:50:39 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

www.pjgxw.net/js/demoms.js

107.148.71.57

200 OK

380 B

URL HTTP/1.1
www.pjgxw.net/js/demoms.js
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with CRLF line terminators
Size
380 B (380 bytes)
Hash
4d71fedd7556a46aaf3617e44011e5ea
b85f8e71aef7b853ad0dd473131c8e80536d3cbb
341acc815f59399c62e035a1ec5d294c7dab3f2e6df49f8a11b511fcb864c2c4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/demoms.js HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: application/javascript
Content-Length: 380
Last-Modified: Wed, 27 Jul 2016 21:05:36 GMT
Connection: keep-alive
ETag: "57992220-17c"
Expires: Thu, 01 Dec 2022 11:50:39 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

www.pjgxw.net/js/demons.js

107.148.71.57

200 OK

374 B

URL HTTP/1.1
www.pjgxw.net/js/demons.js
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
ASCII text, with CRLF line terminators
Size
374 B (374 bytes)
Hash
0fde400a575417e232bba9f2480fb797
9facfad862c53c4d2ddba1862cf0f9a7c810ed6a
ae771aa1f9065be4e005eeecaa9f43bdfb13c778b9622d36e8a867d34151ebe9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/demons.js HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: application/javascript
Content-Length: 374
Last-Modified: Wed, 27 Jul 2016 21:05:36 GMT
Connection: keep-alive
ETag: "57992220-176"
Expires: Thu, 01 Dec 2022 11:50:39 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

www.pjgxw.net/png/m2_1.webp

107.148.71.57

200 OK

5.7 kB

URL HTTP/1.1
www.pjgxw.net/png/m2_1.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.7 kB (5730 bytes)
Hash
3d8cdc87b1e3c3bd2785df07eb753ea4
3d4599c9650f4ba359c565c418823878dcd85da8
bfd597dd20960c7b60c4e2f31fb07e6cc41a3e08997f65171f92b2c1ea22307d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/m2_1.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 5730
Last-Modified: Thu, 17 Feb 2022 03:12:14 GMT
Connection: keep-alive
ETag: "620dbd0e-1662"
Accept-Ranges: bytes

www.pjgxw.net/png/m3_1.webp

107.148.71.57

200 OK

5.0 kB

URL HTTP/1.1
www.pjgxw.net/png/m3_1.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.0 kB (4986 bytes)
Hash
cab31716b9d10e85cdff62f8d58e7084
184a99c6bc1d993f00fdf312dfb013b85a01bb2b
20ea3c68ed7f55cc52d61c30cc6cf935bb8d91b9281521350b4382a88701420f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/m3_1.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 4986
Last-Modified: Thu, 17 Feb 2022 03:12:14 GMT
Connection: keep-alive
ETag: "620dbd0e-137a"
Accept-Ranges: bytes

www.pjgxw.net/png/m2_2.webp

107.148.71.57

200 OK

5.5 kB

URL HTTP/1.1
www.pjgxw.net/png/m2_2.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.5 kB (5468 bytes)
Hash
2d5622d448c07d21080679fe9abad8d3
2a983373f2295558298ffda71c64dd1db06c4d33
15616344990922e923d114dff39ae5d662a7149aea0445839cb71267d3bc6178

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/m2_2.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 5468
Last-Modified: Thu, 17 Feb 2022 03:12:14 GMT
Connection: keep-alive
ETag: "620dbd0e-155c"
Accept-Ranges: bytes

www.pjgxw.net/png/m3_2.webp

107.148.71.57

200 OK

6.0 kB

URL HTTP/1.1
www.pjgxw.net/png/m3_2.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
6.0 kB (5990 bytes)
Hash
f1857e4d599c7f602263867254102d16
68776f896d8c5438b211532b2a981ddd2c47bb1e
4999d435c5e499f304076629d35517042b848a34a0dcd14f0980df686d604c8c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/m3_2.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 5990
Last-Modified: Thu, 17 Feb 2022 03:12:14 GMT
Connection: keep-alive
ETag: "620dbd0e-1766"
Accept-Ranges: bytes

www.pjgxw.net/png/m1_1.webp

107.148.71.57

200 OK

10 kB

URL HTTP/1.1
www.pjgxw.net/png/m1_1.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
10 kB (10222 bytes)
Hash
c3c0241616f72f1f3597912a2025993b
b70f4ea9f0a533e916fe1ed8cdd68fffb18c974d
296250b0da1b85887f09311308dd32491e8b781e81116088bea62c35edfe18f3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/m1_1.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 10222
Last-Modified: Thu, 17 Feb 2022 03:12:14 GMT
Connection: keep-alive
ETag: "620dbd0e-27ee"
Accept-Ranges: bytes

www.pjgxw.net/png/m1_2.webp

107.148.71.57

200 OK

4.6 kB

URL HTTP/1.1
www.pjgxw.net/png/m1_2.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.6 kB (4638 bytes)
Hash
0a51dd2cd86282580abf6f102dac3d18
e9bd6148668079df2139ced06d81063cbcbb3861
c4403ac0f21b8c2f9df6570ba595b27ecd5eecbe4587ff61a4998f720ef8f4f1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/m1_2.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 4638
Last-Modified: Thu, 17 Feb 2022 03:12:14 GMT
Connection: keep-alive
ETag: "620dbd0e-121e"
Accept-Ranges: bytes

www.pjgxw.net/png/tb1.webp

107.148.71.57

200 OK

358 B

URL HTTP/1.1
www.pjgxw.net/png/tb1.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
358 B (358 bytes)
Hash
122046bdfaa99757b5ebc521ff343656
dfd4f5503772d542c8b81ef8bf4f187d1b9d46cd
68e191af04b35763fbe9f1a3b9c1f79682d64ae2f87edabd3b3ffbd9e74d1897

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/tb1.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 358
Last-Modified: Thu, 17 Feb 2022 03:12:32 GMT
Connection: keep-alive
ETag: "620dbd20-166"
Accept-Ranges: bytes

www.pjgxw.net/png/tb2.webp

107.148.71.57

200 OK

336 B

URL HTTP/1.1
www.pjgxw.net/png/tb2.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
336 B (336 bytes)
Hash
a6585480898f3e7546202582969bdf58
9301b95da6309c6c32ba86dcc402005a6d1613c9
e0b29665778b455cdf3891f381b2f3299d272c18d6ecd8b8e9db0288dfc5bf29

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/tb2.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 336
Last-Modified: Thu, 17 Feb 2022 03:12:32 GMT
Connection: keep-alive
ETag: "620dbd20-150"
Accept-Ranges: bytes

www.pjgxw.net/jpg/lg.webp

107.148.71.57

200 OK

14 kB

URL HTTP/1.1
www.pjgxw.net/jpg/lg.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
14 kB (14146 bytes)
Hash
860fa4b0b0f534ecd19a64a394595e03
3011101515568586c1e2bc0a31416a8ef15c050d
8818f3cc7e639a987e087b7e25bdec7a99bb9d2140c810eed71c9ccd85a74f0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/lg.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/css/defaultskin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 14146
Last-Modified: Thu, 17 Feb 2022 02:50:58 GMT
Connection: keep-alive
ETag: "620db812-3742"
Accept-Ranges: bytes

www.pjgxw.net/jpg/m_fg.webp

107.148.71.57

200 OK

7.1 kB

URL HTTP/1.1
www.pjgxw.net/jpg/m_fg.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.1 kB (7098 bytes)
Hash
360ff4be57c7873a20f5c7b4e56f489b
7b9efe0d82e4607f18e0c5851116e115d2832391
9da833f71d2a907eb6b817a10f7aa6d53b6cb51d647afcded5178ac6901ecbe2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/m_fg.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/css/defaultskin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 7098
Last-Modified: Thu, 17 Feb 2022 02:51:02 GMT
Connection: keep-alive
ETag: "620db816-1bba"
Accept-Ranges: bytes

www.pjgxw.net/png/lgr.webp

107.148.71.57

200 OK

2.2 kB

URL HTTP/1.1
www.pjgxw.net/png/lgr.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.2 kB (2222 bytes)
Hash
c80487735f1e522e7d8ecc75c66cde72
7609e3603402daf654b1b2e9f139eba1a752041d
05f584f5a9dacaa8b1ca94316f8ff5ddf51bb73a5fec7306e22d731fac2abb7b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/lgr.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/css/defaultskin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 2222
Last-Modified: Thu, 17 Feb 2022 03:12:10 GMT
Connection: keep-alive
ETag: "620dbd0a-8ae"
Accept-Ranges: bytes

www.pjgxw.net/png/yy.webp

107.148.71.57

200 OK

124 B

URL HTTP/1.1
www.pjgxw.net/png/yy.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
124 B (124 bytes)
Hash
807ddb182ad9e49d4e2d40332433bcd5
2e8b923fd14a7edfdf521c439bc77ebfba42fc04
d44ad9152db3460e8d60a691f97f5016fab07dd51e3fa57e98eca1362063e41e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /png/yy.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/css/defaultskin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 124
Last-Modified: Thu, 17 Feb 2022 03:12:42 GMT
Connection: keep-alive
ETag: "620dbd2a-7c"
Accept-Ranges: bytes

www.pjgxw.net/jpg/nr1_p.webp

107.148.71.57

200 OK

7.1 kB

URL HTTP/1.1
www.pjgxw.net/jpg/nr1_p.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.1 kB (7096 bytes)
Hash
54b4cb6cf6a8b6a9019b228e64b9471e
8f9b6a0e0424e47904ea2bb8196e9c0ef721098c
d3a6360fd68ee68d465af73582ab4cf29daada570664b051231bbfa1106c1ec1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/nr1_p.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/css/defaultskin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 7096
Last-Modified: Thu, 17 Feb 2022 02:51:08 GMT
Connection: keep-alive
ETag: "620db81c-1bb8"
Accept-Ranges: bytes

www.pjgxw.net/jpg/lxm.webp

107.148.71.57

200 OK

17 kB

URL HTTP/1.1
www.pjgxw.net/jpg/lxm.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
17 kB (17290 bytes)
Hash
3f37328e31677de5f7d70aa4221dc0f7
3b2ad632529c34d456358c2fb756ea011a72e1d3
79b89a1e104ca22fa2af1c44ceb8b883dddbbfc3ef0ac87b4dfae61e8bbb068e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/lxm.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/css/defaultskin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 17290
Last-Modified: Thu, 17 Feb 2022 02:51:02 GMT
Connection: keep-alive
ETag: "620db816-438a"
Accept-Ranges: bytes

www.pjgxw.net/jpg/list.webp

107.148.71.57

200 OK

7.1 kB

URL HTTP/1.1
www.pjgxw.net/jpg/list.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.1 kB (7086 bytes)
Hash
90422f211c6bed3d32a4d1d21b298c6d
7623fce9ea87cd6948f17e8faf987e5fddce394f
72a03117c712e6c9abe72f00d14dc1f144c9fa0c295f4f0cf438a85ea75e6dff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/list.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 7086
Last-Modified: Thu, 17 Feb 2022 02:50:58 GMT
Connection: keep-alive
ETag: "620db812-1bae"
Accept-Ranges: bytes

www.pjgxw.net/jpg/gs_tp.webp

107.148.71.57

200 OK

18 kB

URL HTTP/1.1
www.pjgxw.net/jpg/gs_tp.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
18 kB (18430 bytes)
Hash
88f57ae7bb0b6538bf47b8fee1164e38
e2b82168e8b16e5e9f7550cb9338c4ef4ff86ed1
a0cccf2352a2a3863a5bf6ae6ef5ea3eb9b7aed99054f3d586d2b7cdfc25934e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/gs_tp.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 18430
Last-Modified: Thu, 17 Feb 2022 02:50:22 GMT
Connection: keep-alive
ETag: "620db7ee-47fe"
Accept-Ranges: bytes

www.pjgxw.net/jpg/dt_tp.webp

107.148.71.57

200 OK

16 kB

URL HTTP/1.1
www.pjgxw.net/jpg/dt_tp.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
16 kB (16136 bytes)
Hash
207666ed47ea2d4693b996a2be965d76
8264fa7e4e466cae03a2fa3681e883c0a74ea909
a3cdaad33b2ff9cc01dd2de86dea8eecfa8e742620b942a0d6faab614552e211

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/dt_tp.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/css/defaultskin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 16136
Last-Modified: Thu, 17 Feb 2022 02:49:58 GMT
Connection: keep-alive
ETag: "620db7d6-3f08"
Accept-Ranges: bytes

www.pjgxw.net/jpg/xmt.webp

107.148.71.57

200 OK

8.9 kB

URL HTTP/1.1
www.pjgxw.net/jpg/xmt.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
8.9 kB (8890 bytes)
Hash
f44255ca5caa0fc99234f7927da4b5f5
33df69ae8c1738ab1ff84368bdaa8837420c78d5
66c0f08f53952c75556c7661887ad63b72098f412cfff4cff0c7c3671663c0e5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/xmt.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/css/defaultskin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 8890
Last-Modified: Thu, 17 Feb 2022 02:52:38 GMT
Connection: keep-alive
ETag: "620db876-22ba"
Accept-Ranges: bytes

www.pjgxw.net/jpg/201792616224585.webp

107.148.71.57

200 OK

36 kB

URL HTTP/1.1
www.pjgxw.net/jpg/201792616224585.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
36 kB (35762 bytes)
Hash
d34e8a63222dab73dbdda79ffada495c
fbadd89daebb5c3c82c4418582f6fae9c0fa52ae
53707c6b6c3efb45fa5b0c618b55730c72c61bc3cca6497f66ab99b69bf15ab1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/201792616224585.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 35762
Last-Modified: Thu, 17 Feb 2022 02:41:52 GMT
Connection: keep-alive
ETag: "620db5f0-8bb2"
Accept-Ranges: bytes

www.pjgxw.net/jpg/2017926114417167.webp

107.148.71.57

200 OK

0 B

URL HTTP/1.1
www.pjgxw.net/jpg/2017926114417167.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/2017926114417167.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:40 GMT
Content-Type: image/webp
Content-Length: 38470
Last-Modified: Thu, 17 Feb 2022 02:43:50 GMT
Connection: keep-alive
ETag: "620db666-9646"
Accept-Ranges: bytes

www.pjgxw.net/jpg/2017926114555809.webp

107.148.71.57

200 OK

0 B

URL HTTP/1.1
www.pjgxw.net/jpg/2017926114555809.webp
IP
107.148.71.57:0
ASN
#54600 PEGTECHINC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jpg/2017926114555809.webp HTTP/1.1
Host: www.pjgxw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pjgxw.net/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 23:50:39 GMT
Content-Type: image/webp
Content-Length: 42146
Last-Modified: Thu, 17 Feb 2022 02:43:50 GMT
Connection: keep-alive
ETag: "620db666-a4a2"
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations