Report - cfileapi.gyaott.top/001/puppet.Txt?31914795

Report Overview

Submitted URL
cfileapi.gyaott.top/001/puppet.Txt?31914795
IP
45.207.71.123
ASN
#136800 Sun Network Hong Kong Limited - HongKong Backbone
Submitted
2023-06-07 06:27:08
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
at.alicdn.com	11137	2008-06-25	2013-11-28	2023-06-07	496 B	27 kB	47.246.44.252
cfileapi.gyaott.top	unknown	2020-03-09	2022-06-02	2023-06-06	1.2 kB	7.0 kB	45.207.71.123
gczx666.oss-cn-shenzhen.aliyuncs.com	874674	2012-04-01	2021-08-12	2023-06-06	423 B	597 B	120.77.166.101
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-07	330 B	963 B	104.18.14.101
320213.com	unknown	2023-06-04	2021-01-30	2023-06-06	6.8 kB	800 kB	20.205.104.140
aeis.alicdn.com	23225	2008-06-25	2016-08-25	2023-06-07	840 B	83 kB	104.110.21.4
ocsp2.globalsign.com	1544	1999-04-19	2012-05-23	2023-06-07	714 B	3.9 kB	104.18.20.226
images.ppa029sdfjshsjkdhksdhjhdu3.com	unknown	2022-02-25	2022-10-05	2023-06-06	1.4 kB	395 kB	20.24.81.35
static.ppa029sdfjshsjkdhksdhjhdu3.com	unknown	2022-02-25	2022-10-09	2023-06-06	443 B	1.9 kB	13.75.115.235

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-07 06:26:50	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-06-07 06:26:51	medium	Client IP	45.207.71.123	ET INFO HTTP Request to a *.top domain
2023-06-07 06:27:03	low	45.207.71.123	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	320213.com/static/spine-webgl.js	369 kB	2023-03-08	2024-03-19
Pretty URL 320213.com/static/spine-webgl.js IP 20.205.104.140 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:56:35 Last Seen2024-03-19 18:50:06 Times Seen14040 Hash 5200130e3b8970af6c19b8587f46663b 56f9307ce28cb0a1c0150d92b095760936e83618 ffafc28590239f5f3f134c8bc83753f6c2e5d4ff2d3c775c2ff50afc2a608c13 Loading...

	320213.com/register?id=32483556	1.3 kB	2023-04-11	2024-04-27
Pretty URL 320213.com/register?id=32483556 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-11 06:15:44 Last Seen2024-04-27 20:31:47 Times Seen8008 Hash 2ca4be249a705779f561fc4e10db4ebe 169e7fed0746ec659c205fd30e830302954b6890 9c7b8f45da0e7a4920deba90ec9fb470a8127e7f7431935de1c63202b1ea96cc Loading...

	320213.com/static/js/0.fbade850a11b795f8b57.js	611 kB	2023-04-11	2023-06-13
Pretty URL 320213.com/static/js/0.fbade850a11b795f8b57.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 06:15:44 Last Seen2023-06-13 05:25:40 Times Seen935 Hash 73dbed35962df06dd303d3f7a7154d65 cb5a745c3ffc32d16180b78f69504c461d610608 5e5fbbefe1dec3b2ddc6bd4956d7d603ea6ade74026b1834a4d243c2f0514f3c Loading...

	320213.com/static/js/6.04d491c77340e0c1de58.js	304 kB	2023-05-17	2023-06-13
Pretty URL 320213.com/static/js/6.04d491c77340e0c1de58.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 01:58:09 Last Seen2023-06-13 05:25:40 Times Seen1197 Hash 30e032eb278fb12526fd4711586e71cd 9af1f4c38d76ff50c9348adcde62391fee20d627 2fa5bf635d437a7180988f0008a4f538c120ee82783415a9fa053c910843ba6c Loading...

	320213.com/register?id=32483556	0 B	2023-03-07	2024-05-05
Pretty URL 320213.com/register?id=32483556 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 04:20:30 Times Seen37353066 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	320213.com/static/js/aliyun.min.js	220 kB	2023-03-08	2024-03-19
Pretty URL 320213.com/static/js/aliyun.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:56:32 Last Seen2024-03-19 18:50:06 Times Seen13895 Hash 85e7d42d7ec09184b9bbde78b641ca00 0bc92965c772b460ea1a65468fb2e8baabc7b5d0 5c919aeed13a145644e93be09a3ce46b4e2f241133ac316d61f8c5d2dc59758c Loading...

	320213.com/static/js/20.cdf42703e7bab8ee56e8.js	56 kB	2023-05-11	2023-06-12
Pretty URL 320213.com/static/js/20.cdf42703e7bab8ee56e8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 19:09:08 Last Seen2023-06-12 08:29:29 Times Seen1255 Hash 3efdc563685645f6273fe74c6dbfc0fb 5a50090eb1328d8f5de2df0c5d38fc3fa7f8e88a 3aa8663a43612934515aa936f580858d4edf32407e51366544995966a190b7ca Loading...

	320213.com/register?id=32483556	0 B	2023-03-07	2024-05-05
Pretty URL 320213.com/register?id=32483556 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 04:20:30 Times Seen37353066 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	320213.com/static/js/initws.js	9.0 kB	2023-03-08	2024-03-19
Pretty URL 320213.com/static/js/initws.js IP 20.205.104.140 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:56:32 Last Seen2024-03-19 18:50:06 Times Seen11660 Hash b75862d5945ee76372a13c6dd89cca98 dc672637184650e0120b5cd079f2dcff574d0343 17863126fed9c414b64b4fa31983f2c7118624d8beaaae8c4c70832ae0fbb4b4 Loading...

	320213.com/static/js/yidun/index.js	11 kB	2023-04-11	2024-04-27
Pretty URL 320213.com/static/js/yidun/index.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 06:15:44 Last Seen2024-04-27 20:31:47 Times Seen7500 Hash 06846502dac18669cd7694da925979fe 4fab06af8d6e10cb88c605d83f061464d79d7cf1 5139d2190d1356e640cd47ef1e669e3428a742a939ad4f6ff12e988d6aa9159a Loading...

	unknown	54 B	2023-04-12	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 08:25:39 Last Seen2024-05-04 23:17:05 Times Seen9777 Hash fcaea4b8885ca5c1fb3ddd5c490da5c6 35745f87b37210d992a9ed534a593ae500b7adaa 934c2008743c36db746a9d6ebd9f1b84ff11477edc55fbf7b599bbfa687f7272 Loading...

	320213.com/static/js/9.980024635cbdb3d7060a.js	21 kB	2023-05-17	2023-06-07
Pretty URL 320213.com/static/js/9.980024635cbdb3d7060a.js IP 20.205.104.140 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 01:58:09 Last Seen2023-06-07 08:27:12 Times Seen1927 Hash 9d689ffd084aff518aab12e17785e739 134bd4191b93fe7d0952b01fde326386200aeddb 51b4af84fae01d386cdbc0b0e4032de4b3ef14e50b88867e6f4cd9650dd045c0 Loading...

	aeis.alicdn.com/AWSC/uab/1.140.0/collina.js	249 kB	2023-03-07	2024-05-05
Pretty URL aeis.alicdn.com/AWSC/uab/1.140.0/collina.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:04 Last Seen2024-05-05 02:00:31 Times Seen19139 Hash 75fb6b94dcb3a9c89abb59a3ffd7546f 96101820857ef511ba83017e928aeeb88353b162 04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58 Loading...

	unknown	66 B	2023-04-12	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 01:32:23 Last Seen2024-05-05 02:00:29 Times Seen9507 Hash 8d46e2bc77fb0b41f87ccf9a32df5d25 c22a372d491a29e212169e6db5a44a53369b6935 457e7360a585f828fa0887299245267fd923f6036471a3250665b8b9d3c623af Loading...

	aeis.alicdn.com/AWSC/AWSC/awsc.js?_t=234183	12 kB	2023-05-15	2023-06-07
Pretty URL aeis.alicdn.com/AWSC/AWSC/awsc.js?_t=234183 IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 13:43:19 Last Seen2023-06-07 19:40:19 Times Seen2350 Hash 05ccd82860f1ad63d32696b7b6c0ce14 52090b1208172ff8f4cec5f6454881c61f0e0a2f bc6b428ea03ce9591b45c8cabfc9489db7e112c55b393c88868de0efe04ceb5a Loading...

	320213.com/static/public/layer.m.js	3.1 kB	2023-03-08	2024-03-19
Pretty URL 320213.com/static/public/layer.m.js IP 20.205.104.140 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:56:32 Last Seen2024-03-19 18:50:06 Times Seen11455 Hash dda7a6368de9444d877be068fab49b44 a03085133806ceaac8a3e64711616582d000e45f 8cb834cdc0c8fc17c42aefb5e79fd0ec76a3b856531b801ddd1698cf7a9c7864 Loading...

	320213.com/register?id=32483556	57 B	2023-05-26	2023-06-07
Pretty URL 320213.com/register?id=32483556 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-26 05:41:49 Last Seen2023-06-07 08:27:12 Times Seen552 Hash 830c2b12b37144c6a27512e55d770f00 b5fae05902fd0ca22b3553c94ef7fa76c35b8138 913ad817e4232cd4b58acf1652bce71f8637dd825307e80b7d2daa9e392a989d Loading...

	320213.com/static/js/manifest.bd1c3404b2dcce0589be.js	7.0 kB	2023-05-24	2023-06-07
Pretty URL 320213.com/static/js/manifest.bd1c3404b2dcce0589be.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 04:55:36 Last Seen2023-06-07 08:27:12 Times Seen1270 Hash fb2e541157d6855cd5028ecea37397e8 c79f764f203f8350d266185f20327f0df4531db0 627793544395e18763d4009d8de513f3dc4ec9029a1d44157e60b79051a53d6c Loading...

	aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js	178 kB	2023-03-13	2024-05-05
Pretty URL aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:52:52 Last Seen2024-05-05 02:00:31 Times Seen19417 Hash a4cff78229e56fde5f28d1999679a1d1 8d8f89aa7d26569337192dce8a12daaa1867bcd4 4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f7fef8930207b23ec9c04386f9a02c76	24 B	2023-03-07	2024-05-05
Pretty Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-05 01:41:46 Times Seen9435 Hash f7fef8930207b23ec9c04386f9a02c76 146273d1c716700bb25aaa15e8595624b611ffdf 74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3 Loading...

HTTP Transactions (27)

URL IP Response Size

cfileapi.gyaott.top/001/puppet.Txt?31914795

45.207.71.123

224 B

URL
cfileapi.gyaott.top/001/puppet.Txt?31914795
IP
45.207.71.123:0
ASN
#136800 Sun Network Hong Kong Limited - HongKong Backbone

File type
HTML document, ASCII text, with CRLF line terminators
Size
224 B (224 bytes)
Hash
5abd17caff5ac9f16a562f6fd5eb4460
6423d820a668b08f45b2b7ca411ca3a87781b145
26d82981426ce33e8efceb49fc368223e48d977f6f75075710991ffa8876f57c

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /001/puppet.Txt?31914795 HTTP/1.1
Host: cfileapi.gyaott.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:26:52 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

cfileapi.gyaott.top/gczx.html

45.207.71.123

200 OK

5.8 kB

URL User Request GET HTTP/1.1
cfileapi.gyaott.top/gczx.html
IP
45.207.71.123:80
ASN
#136800 Sun Network Hong Kong Limited - HongKong Backbone

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28637)
Size
5.8 kB (5839 bytes)
Hash
200f39af116ed54e6182f27605fe374a
b8bfefc65cb9fbefff48719c96969e78804427f2
27d9da24acf51e0547e5577fa3eec1269258af431fb598ce7c36127082e0c878

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

HTTP Headers

GET /gczx.html HTTP/1.1
Host: cfileapi.gyaott.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cfileapi.gyaott.top/001/puppet.Txt?31914795
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:26:53 GMT
Content-Type: text/html
Last-Modified: Mon, 15 May 2023 15:00:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6462491c-789c"
Content-Encoding: gzip

cfileapi.gyaott.top/favicon.ico

45.207.71.123

200 OK

224 B

URL GET HTTP/1.1
cfileapi.gyaott.top/favicon.ico
IP
45.207.71.123:80
ASN
#136800 Sun Network Hong Kong Limited - HongKong Backbone

Requested by
http://cfileapi.gyaott.top/gczx.html

File type
HTML document, ASCII text, with CRLF line terminators
Size
224 B (224 bytes)
Hash
5abd17caff5ac9f16a562f6fd5eb4460
6423d820a668b08f45b2b7ca411ca3a87781b145
26d82981426ce33e8efceb49fc368223e48d977f6f75075710991ffa8876f57c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cfileapi.gyaott.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cfileapi.gyaott.top/gczx.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Jun 2023 06:26:53 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.20.226

1.5 kB

URL
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
2ea96a57e8a648b0a327bf9409f11684
eb5337857e0410f0e37dcaba8298ebee7ad3f98b
74f577fd42d4369b119629e744c5335e7768f9c7d76dee5bcaf1edecb0ca0314

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:26:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Sun, 11 Jun 2023 05:11:26 GMT
ETag: "eb5337857e0410f0e37dcaba8298ebee7ad3f98b"
Last-Modified: Wed, 07 Jun 2023 05:11:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1052
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36d3810c59b51e-OSL

gczx666.oss-cn-shenzhen.aliyuncs.com/gczx.js

120.77.166.101

125 B

URL
gczx666.oss-cn-shenzhen.aliyuncs.com/gczx.js
IP
120.77.166.101:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with no line terminators
Size
125 B (125 bytes)
Hash
0ff1ad5fc02d31edcb1f315d7d49172a
636631c6ebcc0766a27921cbec58dc71af4399c7
6cb30873cc1f45465e48eba72b4205007b7aab8b06a5713da9923841e5e14331

HTTP Headers

GET /gczx.js HTTP/1.1
Host: gczx666.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cfileapi.gyaott.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 07 Jun 2023 06:26:56 GMT
Content-Type: application/javascript
Content-Length: 125
Connection: keep-alive
x-oss-request-id: 64802330B977323330AFFBCC
Accept-Ranges: bytes
ETag: "0FF1AD5FC02D31EDCB1F315D7D49172A"
Last-Modified: Mon, 05 Jun 2023 04:56:31 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4246857114174384965
x-oss-storage-class: Standard
Content-MD5: D/GtX8AtMe3LHzFdfUkXKg==
x-oss-server-time: 1

ocsp.sectigo.com/

104.18.14.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
39543f26cf5c843a475c4188a1fceceb
77d3c1a59de8dbff7358ba63e8def840f7c654bf
71b340dd7944d5c4aef63ce1a14ec66f6a5952f6677833ee06971fab5a60406c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 06:10:33 GMT
Expires: Tue, 13 Jun 2023 06:10:32 GMT
Etag: "77d3c1a59de8dbff7358ba63e8def840f7c654bf"
Cache-Control: max-age=516811,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d36d3a5aa071c02-OSL

320213.com/static/css/9.e1799f90210d.css

20.205.104.140

200 OK

927 B

URL GET HTTP/2
320213.com/static/css/9.e1799f90210d.css
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
927 B (927 bytes)
Hash
991052cbe2793dc3e29d599c0ecf3a90
f2e21c504953e04f90b450f36eb97ad561dd151c
12e233dd3af3af933aa6d0c79fdcb319978c79e255cc8c969bd33e76684d2650

HTTP Headers

GET /static/css/9.e1799f90210d.css HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:02 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-445"
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.20.226

1.5 kB

URL
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
39937ea138c18d9ba301b5a9f10ca80b
765aad5be0a2f9b49ccf06c4d9155bfc85fa6634
49028e43916673428ad60ff5130e7a2633fb92101147da421911b397c16119e7

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 11 Jun 2023 04:33:14 GMT
ETag: "765aad5be0a2f9b49ccf06c4d9155bfc85fa6634"
Last-Modified: Wed, 07 Jun 2023 04:33:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2486
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d36d3bc6c59b51e-OSL

aeis.alicdn.com/AWSC/AWSC/awsc.js?_t=234183

104.110.21.4

3.9 kB

URL
aeis.alicdn.com/AWSC/AWSC/awsc.js?_t=234183
IP
104.110.21.4:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (11988), with no line terminators
Size
3.9 kB (3930 bytes)
Hash
05ccd82860f1ad63d32696b7b6c0ce14
52090b1208172ff8f4cec5f6454881c61f0e0a2f
bc6b428ea03ce9591b45c8cabfc9489db7e112c55b393c88868de0efe04ceb5a

HTTP Headers

GET /AWSC/AWSC/awsc.js?_t=234183 HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 3930
x-oss-request-id: 648003EB1995BC39352A70C2
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7512433114953199032
x-oss-storage-class: Standard
content-md5: BczYKGDxrWPTJpa3tsDOFA==
x-oss-server-time: 3
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1686111211
x-swift-savetime: Wed, 07 Jun 2023 04:39:45 GMT
x-swift-cachetime: 2026
eagleid: 2ff62c9716861127854358339e
cache-control: max-age=727, s-maxage=3600
expires: Wed, 07 Jun 2023 06:39:10 GMT
date: Wed, 07 Jun 2023 06:27:03 GMT
vary: Accept-Encoding
served-from: 23.36.77.199
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 104.110.21.4
X-Firefox-Spdy: h2

320213.com/v1/report/tenantReport/getAvgOptTime?t=1686119222577

20.205.104.140

200 OK

26 kB

URL GET HTTP/2
320213.com/v1/report/tenantReport/getAvgOptTime?t=1686119222577
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
26 kB (26072 bytes)
Hash
5a01a28281e0f84caa9091a0e9d51857
b293125c59b40500286ae478b4645a1a7e8b201a
8965b359f2b4c7af20c232162f29b9e4ad004803028538b25c3c8452ba78a5ba

HTTP Headers

GET /v1/report/tenantReport/getAvgOptTime?t=1686119222577 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token: 
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2

images.ppa029sdfjshsjkdhksdhjhdu3.com/system/pc/login/loginBg.png

20.24.81.35

20 kB

URL
images.ppa029sdfjshsjkdhksdhjhdu3.com/system/pc/login/loginBg.png
IP
20.24.81.35:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 312 x 234, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19805 bytes)
Hash
f14a9c8be2d83922e4ae691801825839
7198fc446609a5aea6e916a81c0895f1fc6c6f85
1a020a93ee5dbf562e6ad700e33935e156d1705d1cc42b6574dca17b1ec36e43

HTTP Headers

GET /system/pc/login/loginBg.png HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:03 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 18 Oct 2016 16:57:42 GMT
ETag: W/"0477fbd6029d21:0"
X-Powered-By: ASP.NET
Expires: Thu, 08 Jun 2023 06:27:03 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Cache-Control: max-age=86400, max-age=315360000000
X-Cache: HIT
Content-Encoding: gzip

aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js

104.110.21.4

200 OK

77 kB

URL GET HTTP/2
aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js
IP
104.110.21.4:443
ASN
#16625 AKAMAI-AS

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerDigiCert Inc
Subjectru.aliexpress.com
FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F
ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
77 kB (77333 bytes)
Hash
a4cff78229e56fde5f28d1999679a1d1
8d8f89aa7d26569337192dce8a12daaa1867bcd4
4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0

HTTP Headers

GET /AWSC/WebUMID/1.93.0/um.js HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 77333
x-oss-request-id: 6468E5E961623D31397B5535
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2332966527039349753
x-oss-storage-class: Standard
content-md5: pM/3ginlb95fKNGZlnmh0Q==
x-oss-server-time: 20
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1684596201
x-swift-savetime: Sat, 20 May 2023 15:23:29 GMT
x-swift-cachetime: 86392
eagleid: 2ff62c9716845962097947285e
served-from: 47.246.44.230
cache-control: max-age=1069055, s-maxage=86400
expires: Mon, 19 Jun 2023 15:24:39 GMT
date: Wed, 07 Jun 2023 06:27:04 GMT
vary: Accept-Encoding
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 104.110.21.4
X-Firefox-Spdy: h2

320213.com/favicon.ico

20.205.104.140

179 kB

URL
320213.com/favicon.ico
IP
20.205.104.140:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (32085), with CRLF, LF line terminators
Size
179 kB (179112 bytes)
Hash
da16328d6c716d6d325162e99b06bcfa
d4a958c57ab7ab1b6af748763cb966b881c0c973
b871684c4a5f3fb24d18dbda9ee2626976456f954e4cdd1ec46e634e7a28b2b1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:01 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2

320213.com/v1/betting/getServerTimeMillisecond?t=1686119222332

20.205.104.140

200 OK

3.4 kB

URL GET HTTP/2
320213.com/v1/betting/getServerTimeMillisecond?t=1686119222332
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
3.4 kB (3400 bytes)
Hash
affb46bf253dae107cfb0d484c2ed673
0153b25630689db32f3540b3731ef63bf4710131
fe71b78e6fbcbcf7b10ed1bac1ee5303d4e5d66e3e3eb132d2c91a82ebe9958e

HTTP Headers

GET /v1/betting/getServerTimeMillisecond?t=1686119222332 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token: 
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2

320213.com/static/js/initws.js

20.205.104.140

24 kB

URL
320213.com/static/js/initws.js
IP
20.205.104.140:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
data
Size
24 kB (24451 bytes)
Hash
f3d1f0195bb6b71bd913d74354a25b23
12046183d2ded57af974c00037d11ffe4bc456fe
466d73f2c07d1fbb7951d6208361c1ce5c59839617df193f4959100147887317

HTTP Headers

GET /static/js/initws.js HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:00 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-234a"
content-encoding: gzip
X-Firefox-Spdy: h2

images.ppa029sdfjshsjkdhksdhjhdu3.com/game/1578637842482.png

20.24.81.35

371 kB

URL
images.ppa029sdfjshsjkdhksdhjhdu3.com/game/1578637842482.png
IP
20.24.81.35:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 2990 x 566, 8-bit colormap, non-interlaced\012- data
Size
371 kB (370952 bytes)
Hash
a366792ce69457744b882318850cefe2
5b078849d41e40f9d2c6dba6b821a04a9c0c35b9
faa00bbd3a46b12e4205da06089f1f4d489f01ab874caee4cd5d6c9c37203842

HTTP Headers

GET /game/1578637842482.png HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:03 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 27 Jan 2020 07:29:14 GMT
ETag: W/"0819879e3d4d51:0"
X-Powered-By: ASP.NET
Expires: Thu, 08 Jun 2023 06:27:03 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Cache-Control: max-age=86400, max-age=315360000000
X-Cache: HIT
Content-Encoding: gzip

static.ppa029sdfjshsjkdhksdhjhdu3.com/ico/zghcp.ico

13.75.115.235

1.6 kB

URL
static.ppa029sdfjshsjkdhksdhjhdu3.com/ico/zghcp.ico
IP
13.75.115.235:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1612 bytes)
Hash
fbab93a333ba620cc0c53190540c3ae8
ebd68313eac25954b431492428976ae4cb2788ae
d1e12df4932ef28e4bf59ffdfd447abd80501dc9ab2db137d5d1ebe02f449367

HTTP Headers

GET /ico/zghcp.ico HTTP/1.1
Host: static.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:05 GMT
Content-Type: image/x-icon
Content-Length: 1612
Last-Modified: Wed, 01 Feb 2023 10:29:11 GMT
Connection: keep-alive
ETag: "63da3ef7-64c"
Expires: Fri, 07 Jul 2023 06:27:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

320213.com/static/js/9.980024635cbdb3d7060a.js

20.205.104.140

200 OK

21 kB

URL GET HTTP/2
320213.com/static/js/9.980024635cbdb3d7060a.js
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type

Size
21 kB (20686 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/js/9.980024635cbdb3d7060a.js HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:02 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-50ce"
content-encoding: gzip
X-Firefox-Spdy: h2

320213.com/v1/management/tenant/getTenantConfig?t=1686119222304

20.205.104.140

200 OK

1.7 kB

URL GET HTTP/2
320213.com/v1/management/tenant/getTenantConfig?t=1686119222304
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1783), with no line terminators
Size
1.7 kB (1651 bytes)
Hash
b8d0e267ea74be8364ab3224d5762e9c
c0272e1ae2890d6a60e1a6bc685987d31cf4cea0
6756aee30e9e82486cf64dfc9a634a51ddb7ff8394c69c0c27638ed7f1ce6958

HTTP Headers

GET /v1/management/tenant/getTenantConfig?t=1686119222304 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token: 
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2

320213.com/v1/management/content/getIntroductionList?t=1686119222574

20.205.104.140

200 OK

815 B

URL GET HTTP/2
320213.com/v1/management/content/getIntroductionList?t=1686119222574
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (895), with no line terminators
Size
815 B (815 bytes)
Hash
4226f01978c327448a1e75a2ffd7d4d8
6c130d82d7845b1066514c836053360b5f487535
7990226ccfcba97419496f59fe5a73b62861427e61d787036b8f6ca9edfd9f92

HTTP Headers

GET /v1/management/content/getIntroductionList?t=1686119222574 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token: 
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2

320213.com/static/public/layer.m.js

20.205.104.140

200 OK

3.1 kB

URL GET HTTP/2
320213.com/static/public/layer.m.js
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (3208), with no line terminators
Size
3.1 kB (3096 bytes)
Hash
38b405624adacadff4fd9955b0248871
11747a1c224e318ad5c0ff75b1a834c362ff471b
7c394e10425cccb4266d17a22fc5e5e783020d64c0c0c1824c283ca7a12969a8

HTTP Headers

GET /static/public/layer.m.js HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:01 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-c18"
content-encoding: gzip
X-Firefox-Spdy: h2

320213.com/v1/users/announcement/list?t=1686119222575&pageSize=20&pageNum=1

20.205.104.140

200 OK

671 B

URL GET HTTP/2
320213.com/v1/users/announcement/list?t=1686119222575&pageSize=20&pageNum=1
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (723), with no line terminators
Size
671 B (671 bytes)
Hash
d12435bf2dc0894f60d842e26dc094b3
700c29c3914d32658b010febb2f9ee6d908b7831
2fdfde2ec146585c44024ccc0f278f78e2fe387ea8a568e00e1e171368caba16

HTTP Headers

GET /v1/users/announcement/list?t=1686119222575&pageSize=20&pageNum=1 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token: 
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2

at.alicdn.com/t/font_2430878_tju82v96qxe.woff2

47.246.44.252

200 OK

26 kB

URL GET HTTP/2
at.alicdn.com/t/font_2430878_tju82v96qxe.woff2
IP
47.246.44.252:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerGlobalSign nv-sa
Subject*.tbcdn.cn
Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1
ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT

File type
Web Open Font Format (Version 2), TrueType, length 25988, version 1.0\012- data
Size
26 kB (25988 bytes)
Hash
3d929f77d857dddcd6066bad750bb277
259fd1976fdb8f8e8d354d32b5e7681e3db01341
92edafbe3372b0e72089ee25f8665470b7ee8d4df2250cb96c159d6c1153dbdd

HTTP Headers

GET /t/font_2430878_tju82v96qxe.woff2 HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://320213.com
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 25988
date: Sun, 04 Jun 2023 17:15:27 GMT
x-oss-request-id: 647CC6AF59DE0D3933242EE5
vary: Origin
accept-ranges: bytes
etag: "3D929F77D857DDDCD6066BAD750BB277"
last-modified: Fri, 24 Dec 2021 22:12:00 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7241217540761008470
x-oss-storage-class: Standard
cache-control: max-age=63072000
content-md5: PZKfd9hX3dzWBmutdQuydw==
x-oss-server-time: 1
ali-swift-global-savetime: 1685898927
via: cache24.l2us1[0,0,200-0,H], cache3.l2us1[1,0], cache8.se1[0,0,200-0,H], cache8.se1[1,0]
age: 220296
x-cache: HIT TCP_MEM_HIT dirn:11:309902367
x-swift-savetime: Mon, 05 Jun 2023 07:11:41 GMT
x-swift-cachetime: 31053826
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9c16861192237634913e
X-Firefox-Spdy: h2

320213.com/static/spine-webgl.js

20.205.104.140

200 OK

369 kB

URL GET HTTP/2
320213.com/static/spine-webgl.js
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
ASCII text
Size
369 kB (368805 bytes)
Hash
5200130e3b8970af6c19b8587f46663b
56f9307ce28cb0a1c0150d92b095760936e83618
ffafc28590239f5f3f134c8bc83753f6c2e5d4ff2d3c775c2ff50afc2a608c13

HTTP Headers

GET /static/spine-webgl.js HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:01 GMT
content-type: application/javascript
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-5a0a5"
content-encoding: gzip
X-Firefox-Spdy: h2

320213.com/static/css/app.7df8101d7996.css

20.205.104.140

200 OK

164 kB

URL GET HTTP/2
320213.com/static/css/app.7df8101d7996.css
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type

Size
164 kB (164394 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/css/app.7df8101d7996.css HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 07 Jun 2023 06:27:01 GMT
content-type: text/css
last-modified: Fri, 26 May 2023 03:27:26 GMT
etag: W/"6470271e-2822a"
content-encoding: gzip
X-Firefox-Spdy: h2

320213.com/v1/users/announcement/content?t=1686119222892&id=117746

20.205.104.140

200 OK

897 B

URL GET HTTP/2
320213.com/v1/users/announcement/content?t=1686119222892&id=117746
IP
20.205.104.140:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject111233c.com
FingerprintD3:0B:52:50:7B:88:C0:41:FB:26:C8:A9:8F:93:FF:78:12:20:E0:37
ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (803), with no line terminators
Size
897 B (897 bytes)
Hash
c24daa5ed600b98ad26fe8093c0f2a89
4108f7fa6ee629722ff9e494a29cf1165b476e30
11ae9ba8e6cc80c3a44e7e898a8b6c2343a2a8f4757b8a6439c4da5d2a5dc4be

HTTP Headers

GET /v1/users/announcement/content?t=1686119222892&id=117746 HTTP/1.1
Host: 320213.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Publish-Version: 2023/05/26_11:27:06 pc-v1.179.0
X-Token: 
DNT: 1
Connection: keep-alive
Referer: https://320213.com/register?id=32483556
Cookie: _uab_collina=168611922198355483188777
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Token,Content-Type,Publish-Version
access-control-allow-methods: POST,GET,OPTIONS
access-control-max-age: 604800
access-control-expose-headers: X-forwared-port, X-forwarded-host,X-Token,Content-Type,Publish-Version
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-encoding: gzip
X-Firefox-Spdy: h2

images.ppa029sdfjshsjkdhksdhjhdu3.com/pro-management/zghcp/1675256697589.png?349677

20.24.81.35

200 OK

3.3 kB

URL GET HTTP/1.1
images.ppa029sdfjshsjkdhksdhjhdu3.com/pro-management/zghcp/1675256697589.png?349677
IP
20.24.81.35:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://320213.com/register?id=32483556
Certificate
IssuerSectigo Limited
Subject*.ppa022cjklwmkksldjuhnb3llc.com
Fingerprint5E:84:56:51:5C:A7:35:6E:52:FF:61:41:60:CB:2C:13:95:97:9F:00
ValidityWed, 07 Sep 2022 00:00:00 GMT - Thu, 07 Sep 2023 23:59:59 GMT

File type
PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3322 bytes)
Hash
e073d651a77c0ac5870b927ecd25619e
59696d9aed4351bb0d839201bd188ff65392caf9
01c07b10e80f6a81f0c7c9aa4a6f71a40215cbf5addf3a1522b58bb8f7ee0446

HTTP Headers

GET /pro-management/zghcp/1675256697589.png?349677 HTTP/1.1
Host: images.ppa029sdfjshsjkdhksdhjhdu3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://320213.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 06:27:04 GMT
Content-Type: application/octet-stream
Content-Length: 3322
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Wed, 01 Feb 2023 13:01:05 GMT
ETag: "e073d651a77c0ac5870b927ecd25619e"
x-amz-request-id: tx00000000000018d511037-0064802185-10b0-default
Cache-Control: max-age=600

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML