Report - ningxiaguotou.com/

Report Overview

Submitted URL
ningxiaguotou.com/
IP
60.205.181.202
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Submitted
2022-12-06 13:06:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ningxiaguotou.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	24 kB	1.6 MB	60.205.181.202
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.148.177
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	95.101.11.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	ningxiaguotou.com/	Phishing
2022-12-06	medium	ningxiaguotou.com/js/link.js	Phishing
2022-12-06	medium	ningxiaguotou.com/sitegray/sitegray.js	Phishing
2022-12-06	medium	ningxiaguotou.com/js/terminator2.2.min.js	Phishing
2022-12-06	medium	ningxiaguotou.com/js/bdtxk.js	Phishing
2022-12-06	medium	ningxiaguotou.com/_sitegray/_sitegray.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/dynclicks.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/vsbscreen.min.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/counter.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/openlink.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/base64.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/formfunc.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/ajax.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/news/mp4video.js	Phishing
2022-12-06	medium	ningxiaguotou.com/js/int.js	Phishing
2022-12-06	medium	ningxiaguotou.com/js/lrscroll.js	Phishing
2022-12-06	medium	ningxiaguotou.com/js/koala.min.1.5.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/vsbscreen.min.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/counter.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/dynclicks.js	Phishing
2022-12-06	medium	ningxiaguotou.com/js/Marquee.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/openlink.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/base64.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/formfunc.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/ajax.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/ajax.js	Phishing
2022-12-06	medium	ningxiaguotou.com/system/resource/js/news/mp4video.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	ningxiaguotou.com/js/link.js	597 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/js/link.js IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 47cc911764d00ebd6e711f544b4be183 2589654ef12c777b9227d1a3d01dcbcba36e4b6f db3498690c7fc51dddd97cba1425248705af34f13205d562f840064ee06dd3ac Loading...

	ningxiaguotou.com/	820 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash a129872c33fd7a88b15d3211f74c65d1 186a855f6cd9df10861911cce712869c951fa09b a3dfb58c1d74711ed119e72a119334ab4831b6d71ea1541d0268fb1fc629073c Loading...

	ningxiaguotou.com/	39 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 0b0ce54da0eb9c0dde1cb3f8605fee61 238f7c934669f1d91e908f2f3274621a7314a66d 87db979950374a9b0009b196d5b9d88ff4f4508ad923e9f36c28794fddd4c518 Loading...

	ningxiaguotou.com/	857 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 5f90dcf1d071c53f200e7a3d432ed1a9 a4103cad7ed8a9c90316fcacbaff12ee5ae9e0f0 058b1344c95ecc67d5624fd6bb1c381692bd15336f25bdecfd576f05f5daf26a Loading...

	ningxiaguotou.com/js/terminator2.2.min.js	18 kB	2023-03-07	2023-05-23
Pretty URL ningxiaguotou.com/js/terminator2.2.min.js IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:44 Last Seen2023-05-23 18:31:56 Times Seen2 Hash 4c91149875e380f907536840f6691a75 16fab551ec8a963fc8f97d21353217708010343a 2ed7a1372834832bf95f11a5743a22b9cd600d832e3de41a7039bdde8e8aa489 Loading...

	ningxiaguotou.com/_sitegray/_sitegray.js	95 B	2023-03-07	2024-05-04
Pretty URL ningxiaguotou.com/_sitegray/_sitegray.js IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-05-04 18:31:27 Times Seen451 Hash cb16b8b2fae1a2cb3ddba43817fdc763 c1bb1153a3ebb528f86fa5cc57ddd4bfbe9bd4af 66897f9cf68b725abd635d7dc7c1f4e91c80a41779c91bd25cf3a504d8f07407 Loading...

	ningxiaguotou.com/	933 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 0d969606d8ba03d70d93546a5e71a02d 8a46a8c6433111091519cebd18f7a0371aef5f09 9ca508e071d325723cf698415cd94dc27bda412a805c7484526cd64be4cd65bd Loading...

	ningxiaguotou.com/	174 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash cb61f082a2c8ffe0a96940e4843cdf9f 7b8d026fb39a898070d333a4078d3953aad67466 349b9dfd738a84b197916c98f8fb0c5d35ead5de29a26a7f324a985fcd6fe84f Loading...

	ningxiaguotou.com/	857 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 65297004607ab67b090c49f7690a44c6 22003556c0b120ac33707675792c846204778a56 cc5800b730a442c460a6b7f5bf484cd1ce52026791ef7cb1454a568665f23053 Loading...

	ningxiaguotou.com/js/int.js	9.8 kB	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/js/int.js IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash b91e6087fb27de17f41706aa28c5d81a 11df020e1698c0b64a76e5a2a87e2902a3f98934 47e93ab5c8e212cb4194be773d7c20c192e5f1b29b00e0f9b06f99f1d6f135e8 Loading...

	ningxiaguotou.com/	226 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 9de5012c209375a9bcfcf4b01e13ff7e c5e8d484ac5392ff2bfd014def9e7cdabdfee10a 6337b5abf3d6fbd662bbef46129d1542c0c928683224014c6b602846b0803685 Loading...

	ningxiaguotou.com/	53 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 6dde112fd67ee38a00d3c48503e89421 620cc05fde00a2428354714769390289617ef5f3 6550ab9965a21bd9a49f46717c45ef30e7d3e1f4e78a8a69e85ae2eaa3cc8906 Loading...

	ningxiaguotou.com/	857 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 12918b96098783ca4fb5d378586c82aa 73e7cc75c08d5aae8f80a24bb80c3dc31213fc6a e0a13a15e003bb7e9280b6248febf72731569f76062dcb4e129945b9f2a5b57e Loading...

	ningxiaguotou.com/	486 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash a2e1add82bbb51f0b2bfaa481af688b1 d524103c4c71422785e8e6250b57c7f45884d1b6 5c7f5f9625f479dbe78ce0edd54c80735c1bcfecafcc6868ef430af58bc1fb23 Loading...

	ningxiaguotou.com/js/koala.min.1.5.js	36 kB	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/js/koala.min.1.5.js IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 0233a5d982ed1680d30fcba3bf79ed86 24bbf188e9af21c4753517c28549139f9049b681 8b7c41d7e83262ec3fe4d6b0aff77eebbb38467fcdc4475843120b492d2ffc2d Loading...

	ningxiaguotou.com/	226 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 0403fda6738ec4b731f35fcaa7edeb05 a283b469cbfe015229e36b888fec423912ed58aa 9aa14102f2b215a4347045a41c6c7118bf558093864f8a63cdfad4ded8e31d69 Loading...

	ningxiaguotou.com/	857 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash a790a44bbe253cdf87c7486e55c72d55 ceb4c78a07bcff435b99d3656458d7e76168392b 9b9e5e04097785f213376b931d140ac2a0ef796eeb5831e900c9008d1b6e7190 Loading...

	ningxiaguotou.com/	38 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 6927643b425ae0a179105d96bce438b1 a1cb5fc62ba0657cd4e25c19e0b0d7a3e9e201e6 1ca9c0f502a44dc9e08d953d1d4b81d3f0c6d76be03af3b10dd552d990bb681e Loading...

	ningxiaguotou.com/js/Marquee.js	9.1 kB	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/js/Marquee.js IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 0fdc23d4710183ae7d613482dbdff4fc dec965b8dba09582fa55ac0889e79864bae802b0 f96ecb817d8b8806e049cc224201e55b531a6ecb155b6b0f8d5fde9e8384a0da Loading...

	ningxiaguotou.com/	269 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 9d5032e304c20a05841eefc0ed807fcf d3a63354dcfbeddba519c19fb36af686ffff387d 22c1c4c27bef7f8d7c75173f0daa04ec9c313e0c3206a00b2baf5bf01d287412 Loading...

	ningxiaguotou.com/	62 B	2023-03-08	2023-03-14
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-14 04:06:18 Times Seen1 Hash 7814108e688d4af9538de7801d7177c4 d4c16b1362d9ab1a94d8fc97a7dbcd11f2ad1537 2bbc5a82b53578582f81b5064263af855bcd4cf6dd4102fccd3f16cca5d989e6 Loading...

	ningxiaguotou.com/js/lrscroll.js	4.0 kB	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/js/lrscroll.js IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 6508cb87a27a8ccb0b7d236a1604e7b7 e7ea375524ab345d6805ad1c726f51bf8dc288d6 4670a5010c05f09b091bef08a4b2a956e947efc3ab7f2f756e4fb6ae2bbadf08 Loading...

	ningxiaguotou.com/	226 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash dcb84c17a362d183b14d4ad03456e1da 8f2b771e0d5320f7920b2dbd957e82b1549f7868 b745c3d93f3908012423283da3e7f618efcba57ae8e2cd006fcf1cdbef571ec0 Loading...

	ningxiaguotou.com/	731 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 9a803ac51da5a6d9656cefe88e6e1bf3 4af7634686d258b2efccd55f30661b365d15bb21 c92e38ac3553d9c969d123b40e4f053000504a9b92858111ae1e64d46d8d9163 Loading...

	ningxiaguotou.com/sitegray/sitegray.js	14 kB	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/sitegray/sitegray.js IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 305800780d54e3cb2700ab9433e4d2c0 d5849af6337acf12be15473c2e65650bb939a6e1 5aaf65f70765391dfd07c4b077eccc69ef7759501597b7cbca89e5faf16536fc Loading...

	ningxiaguotou.com/js/bdtxk.js	84 kB	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/js/bdtxk.js IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 504075d925eaefc4bdc9e7898eb33ffe 33c5e02f6770b3cb2049416dbbe25b507e3a0ab0 337f4cbd6864085b4eaf8dfd19e0a6fe22126fa4204661183e44a943a7732be0 Loading...

	ningxiaguotou.com/	144 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash 3909806983e9943b8f6cd98ebc68d739 27f4e1479c10c15bf5dd9b4b5eef12ae7e0cfa8b ab454b20c4cde14fef0afdf1de3f207cbec68d9eebca793c61cbd41c08b63ecd Loading...

	ningxiaguotou.com/	70 B	2023-03-08	2023-03-08
Pretty URL ningxiaguotou.com/ IP 60.205.181.202 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:19:35 Last Seen2023-03-08 20:19:35 Times Seen1 Hash bba3f375df5959c524fa4faabd0a6ac6 f1fc1cd6879706d02069644e437c18a23b7ed922 3dd309132b79a38838d1d4e75148f501eda8da1a64243f063d7fdcad86643d9a Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7c98a6fa2acbb88d071a3a9d71662270	48 kB	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:41:21 Last Seen2024-04-25 10:56:52 Times Seen67 Hash 7c98a6fa2acbb88d071a3a9d71662270 ffeffee6d1836e8cff39eed653f99cd95308bf32 9e6b561b37b3ab69819c94c1bfcf4a9cd899ab75433e79a59103e9a38d0ec8e0 Loading...

	#2 Eval - fd5596ddc5f96d8bd22ef9dc39e329ba	28 kB	2023-03-07	2024-04-11
Pretty Observations First Seen2023-03-07 01:41:21 Last Seen2024-04-11 08:59:35 Times Seen39 Hash fd5596ddc5f96d8bd22ef9dc39e329ba e9fadf7f808f49eec804288fe7b17a10216a3758 4d87d81e9a9d762884ee5ccf3d496ee14ed9d72b09308297b72b8a694113df6f Loading...

HTTP Transactions (95)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12749
Expires: Tue, 06 Dec 2022 16:39:12 GMT
Date: Tue, 06 Dec 2022 13:06:43 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2083
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:06:43 GMT
Last-Modified: Tue, 06 Dec 2022 12:32:00 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5103
Expires: Tue, 06 Dec 2022 14:31:46 GMT
Date: Tue, 06 Dec 2022 13:06:43 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 12:18:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2885
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: C6So507nKMXxrfNRC22+ILxGBV7dbq2qoknYaepQETBVC+A99/x1DfZNsIrOVwZqNx8LyE9Xs8c=
x-amz-request-id: GZVVPQ71EN9JVM0H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 12:48:56 GMT
age: 1067
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:06:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ningxiaguotou.com/

60.205.181.202

200 OK

13 kB

URL HTTP/1.1
ningxiaguotou.com/
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (748), with CRLF line terminators
Size
13 kB (12787 bytes)
Hash
6642998a2002291bf4bb05abf0a3ac0b
8c9e666f44f412e43c37324d267505e874f9ed21
d385df68ac979f621f22c6992fd5a11f6f289624839f513851a664d4fcdce819

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:43 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 06 Dec 2022 09:20:28 GMT
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: private, max-age=600
Expires: Tue, 06 Dec 2022 13:16:43 GMT
Content-Encoding: gzip
ETag: "f43a-5ef25509de1fb-gzip"
Content-Length: 12787
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 12:11:20 GMT
cache-control: public,max-age=3600
age: 3324
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ningxiaguotou.com/css/nav.css

60.205.181.202

200 OK

848 B

URL HTTP/1.1
ningxiaguotou.com/css/nav.css
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with CRLF line terminators
Size
848 B (848 bytes)
Hash
f183f5b016f2da48414ff5b5e1494b9a
4b539e4e4f435dd9e761663a981e5196ab2d3e4a
43902b360607f8ee214e8c6967c4c7871aa00cd7cd111cb8b5862ed196ac32cb

HTTP Headers

GET /css/nav.css HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 01 Nov 2022 12:06:46 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "bc2-5ec678eda2180-gzip"
Content-Length: 848
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
Content-Language: zh-CN

ningxiaguotou.com/css/style.css

60.205.181.202

200 OK

7.9 kB

URL HTTP/1.1
ningxiaguotou.com/css/style.css
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
7.9 kB (7900 bytes)
Hash
9c0287b99a4c05fad4526ee38a76547b
a49abd0a2cfd1358ef39739733434850899f814f
0d83e0df8e57fb013cd9830a1ceb09043b4efc86a5e6d46b06f8be2a24157563

HTTP Headers

GET /css/style.css HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 16 Sep 2022 08:33:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "a20a-5e8c73623b900-gzip"
Content-Length: 7900
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
Content-Language: zh-CN

ningxiaguotou.com/js/link.js

60.205.181.202

200 OK

368 B

URL HTTP/1.1
ningxiaguotou.com/js/link.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
368 B (368 bytes)
Hash
b0f92a2f9e7cc392f53522e029fb48cd
d64397fb2eb5f59a0154d97f8d0878c093d47045
7027f8b5351ab50b326a3812a64220dbaef5898441aa1f4a2fe84b47879063f7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/link.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "258-5a9568f4ca600-gzip"
Content-Length: 368
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
Content-Language: zh-CN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2070
Cache-Control: max-age=160476
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:06:44 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:41:20 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

ningxiaguotou.com/sitegray/sitegray.js

60.205.181.202

200 OK

3.1 kB

URL HTTP/1.1
ningxiaguotou.com/sitegray/sitegray.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
3.1 kB (3076 bytes)
Hash
a8c186d24e2ff308e39a8898d2f2bf6d
9c6a7e2ce7c9b019499b19452161ce8a8325ee5a
b3b25abc83b482747f4662174594c9e20777813d77d7b2b828d16bb4f3165bd0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sitegray/sitegray.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 30 Nov 2022 10:30:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "3513-5eead978e6dc0-gzip"
Content-Length: 3076
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
Content-Language: zh-CN

ningxiaguotou.com/sitegray/sitegray.css

60.205.181.202

200 OK

413 B

URL HTTP/1.1
ningxiaguotou.com/sitegray/sitegray.css
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (322), with CRLF line terminators
Size
413 B (413 bytes)
Hash
216f1c9d274fb885af5b8b91f212d988
43aaf7542e1162d852fefc61cd8dd5958331aaed
28811a5c1308f688b1df6a73189d82e13fcd9207c10b5921ab644675c86ebd8f

HTTP Headers

GET /sitegray/sitegray.css HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 30 Nov 2022 10:30:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "29c-5eead978e6dc0-gzip"
Content-Length: 413
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
Content-Language: zh-CN

ningxiaguotou.com/js/terminator2.2.min.js

60.205.181.202

200 OK

6.9 kB

URL HTTP/1.1
ningxiaguotou.com/js/terminator2.2.min.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (17308), with CRLF line terminators
Size
6.9 kB (6940 bytes)
Hash
1bb37bb462a32ac7c1da861355ded415
0f6be32a83478f922fca30f2ca58038de762cf2f
04633e3727c4422ebbf90e0e03c9ff73377b12469180aba3cfcd999dfaae3b7d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/terminator2.2.min.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "4527-5a9568f4ca600-gzip"
Content-Length: 6940
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
Content-Language: zh-CN

ningxiaguotou.com/_sitegray/_sitegray_d.css

60.205.181.202

200 OK

20 B

URL HTTP/1.1
ningxiaguotou.com/_sitegray/_sitegray_d.css
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
311749c1d5f9bcf240ca9c25eae61f47
29703f0938cab5945db52e553f3f22cbd7f0b478
183f83b69b6f7ced023f06bc9b98b2d00c9e08b5c627c1f6e9002f48f0bbfb5c

HTTP Headers

GET /_sitegray/_sitegray_d.css HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 30 Nov 2022 10:33:27 GMT
Accept-Ranges: bytes
Content-Length: 20
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
ETag: "14-5eeada28d7192-gzip"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
Content-Language: zh-CN

ningxiaguotou.com/js/bdtxk.js

60.205.181.202

200 OK

30 kB

URL HTTP/1.1
ningxiaguotou.com/js/bdtxk.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (32061), with CRLF line terminators
Size
30 kB (29462 bytes)
Hash
13c0a672ab2f4284db27bc8908ddf04c
fbfdbae3deaf4ef98bbd4b2b2a4aff0a8b828412
45ad4c21adbb6d72f82cad3bbb70de785e8dae879e1f86971835c2ecc854e2ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bdtxk.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:41:59 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "148c8-5a9568f3d63c0-gzip"
Content-Length: 29462
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
Content-Language: zh-CN

ningxiaguotou.com/_sitegray/_sitegray.js

60.205.181.202

200 OK

99 B

URL HTTP/1.1
ningxiaguotou.com/_sitegray/_sitegray.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with CRLF line terminators
Size
99 B (99 bytes)
Hash
46a5730f1a1d08bc98c22f13eeb06376
bd17d7f4acc7c9f04a07aec0d24dfff70a8d7756
0bfdf613920cbd3b3a4374e88a1dd8f37d2313eb105fffbf634b20f902a9a6a8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_sitegray/_sitegray.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 30 Nov 2022 10:33:27 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "5f-5eeada28da072-gzip"
Content-Length: 99
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
Content-Language: zh-CN

push.services.mozilla.com/

52.42.148.177

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.148.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: s+TC751kWR7CbgvZHokGVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZdfOmBfqdp7Ojl3Q0Q4N2gkjq1E=

ningxiaguotou.com/system/resource/js/dynclicks.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/dynclicks.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/dynclicks.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/vsbscreen.min.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/vsbscreen.min.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/vsbscreen.min.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/counter.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/counter.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/counter.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/openlink.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/openlink.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/openlink.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/base64.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/base64.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/base64.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/formfunc.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/formfunc.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/formfunc.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/ajax.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/ajax.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/ajax.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/news/mp4video.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/news/mp4video.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/news/mp4video.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/js/int.js

60.205.181.202

200 OK

2.5 kB

URL HTTP/1.1
ningxiaguotou.com/js/int.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.5 kB (2501 bytes)
Hash
3173daf66d215f69944eb931d1e4ed44
64867fbeef08d44795709ce4baa33b502aa3cf3a
c5d733d5b646c9519cf44e18082bb0a10322da520aba3deab0ca6960cc4ba989

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/int.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:41:59 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:45 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "2630-5a9568f3d63c0-gzip"
Content-Length: 2501
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
Content-Language: zh-CN

ningxiaguotou.com/js/lrscroll.js

60.205.181.202

200 OK

1.3 kB

URL HTTP/1.1
ningxiaguotou.com/js/lrscroll.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.3 kB (1339 bytes)
Hash
59fec889c31dc2c47beb14638d6614b9
10abdc59de5ba333279a0a1f61d6e8c2710b4702
bb9a814305d60bc3a0281e2a25b9d9e1086f36c4308c4a53ddb056c59ccd7753

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/lrscroll.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:45 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "f7f-5a9568f4ca600-gzip"
Content-Length: 1339
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
Content-Language: zh-CN

ningxiaguotou.com/index.vsb.css

60.205.181.202

200 OK

506 B

URL HTTP/1.1
ningxiaguotou.com/index.vsb.css
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
506 B (506 bytes)
Hash
a1e6250f290f19188636dadde318646e
8fe69f83be011e45935a2bfa9e99a56442c9403f
6869ff57a410fdc54085056333290a51f95ce3f6529d8a26da567a229d825a24

HTTP Headers

GET /index.vsb.css HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 30 Nov 2022 10:33:27 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:45 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "797-5eeada28e0dd2-gzip"
Content-Length: 506
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
Content-Language: zh-CN

ningxiaguotou.com/js/koala.min.1.5.js

60.205.181.202

200 OK

17 kB

URL HTTP/1.1
ningxiaguotou.com/js/koala.min.1.5.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (35547), with CRLF line terminators
Size
17 kB (16819 bytes)
Hash
b1b95168c19cf03ad1f11136e8f454cc
b54bb5d7d0a68bb33e9a86a3b381942922276e77
06e812c0150fe6051ba72a0faab63fa66ddd56cf3f47298fd001f20f18bb174f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/koala.min.1.5.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:45 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "8b92-5a9568f4ca600-gzip"
Content-Length: 16819
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
Content-Language: zh-CN

ningxiaguotou.com/images/r.png

60.205.181.202

200 OK

1.9 kB

URL HTTP/1.1
ningxiaguotou.com/images/r.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 28 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1940 bytes)
Hash
001165ca21a3493270fb4d7221824ac0
d3f2733429c1e5896573913c851ed60dd6bb277b
d69ec8a5be4499b471f7ff92c2839ebc72c0e87837578c20d973353425b363c6

HTTP Headers

GET /images/r.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:41:59 GMT
Accept-Ranges: bytes
Content-Length: 1940
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:45 GMT
ETag: "794-5a9568f3d63c0-gzip"
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14476
Expires: Tue, 06 Dec 2022 17:08:01 GMT
Date: Tue, 06 Dec 2022 13:06:45 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14476
Expires: Tue, 06 Dec 2022 17:08:01 GMT
Date: Tue, 06 Dec 2022 13:06:45 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14476
Expires: Tue, 06 Dec 2022 17:08:01 GMT
Date: Tue, 06 Dec 2022 13:06:45 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14476
Expires: Tue, 06 Dec 2022 17:08:01 GMT
Date: Tue, 06 Dec 2022 13:06:45 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 53016
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8656 bytes)
Hash
30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zTGiKMan3uG3edx5AsFabNE4eG_dmzrIIOFCWcOxYN0UgSCGTNTtxw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:25 GMT
age: 53060
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6352 bytes)
Hash
ebd3528452aecd80e39bbf82d3f71f2c
eaa956309d27052d466f7c4bd75b3bdf8443f251
680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P9Yc2Lh9Kw4AEDZyc9R9WExLdUnCitDeuy0NjttQM-EL1cdVndZxFA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:30:36 GMT
age: 52569
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8660 bytes)
Hash
fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bywOU4HpwW6ebOdbHiI_ctX46Z-LXrUcRIVacGUtf_tyISXlXjOP4g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:51:33 GMT
age: 54912
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11175 bytes)
Hash
38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 53063
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ningxiaguotou.com/system/resource/js/vsbscreen.min.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/vsbscreen.min.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/vsbscreen.min.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11352 bytes)
Hash
7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 53062
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ningxiaguotou.com/images/ztcolumn.png

60.205.181.202

200 OK

2.2 kB

URL HTTP/1.1
ningxiaguotou.com/images/ztcolumn.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 422 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2212 bytes)
Hash
7f868d6f97853be2fd785f1a828f6bd6
fd08efacc6fd58c04ab179cdf1f40a68206d6d03
a131e7bd1e41a4bf8b217e3a7c3fbf89a0e6dffae1572b8ebcc9638efce56af3

HTTP Headers

GET /images/ztcolumn.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Content-Length: 2212
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:45 GMT
ETag: "8a4-5a9568f4ca600-gzip"
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/counter.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/counter.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/counter.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/images/ztzl3.jpg

60.205.181.202

200 OK

31 kB

URL HTTP/1.1
ningxiaguotou.com/images/ztzl3.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 422x89, components 3\012- data
Size
31 kB (30986 bytes)
Hash
917010b65227d06993490f231f4a373b
ad6634408cb93fa67d169cc03949cd77e5e1bdb9
3d1d91c96b3791eb1bbeada2b0fbc7faab2b6c9aa0f944b3477bd49f81337f84

HTTP Headers

GET /images/ztzl3.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 25 Oct 2019 05:16:34 GMT
Accept-Ranges: bytes
Content-Length: 30986
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:45 GMT
ETag: "790a-595b540e63080-gzip"
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/1991.png

60.205.181.202

200 OK

68 kB

URL HTTP/1.1
ningxiaguotou.com/images/1991.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 422 x 89, 8-bit/color RGBA, non-interlaced\012- data
Size
68 kB (68537 bytes)
Hash
af97e55b27378c2d1c91ee17a3275ad5
78393049c602339ff6b8a82bcf31937bccd3ea00
ac27ce636fa9360c7e087f6178a114c178f624db1573089790d97ee05d0335ff

HTTP Headers

GET /images/1991.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 22 Mar 2021 11:40:55 GMT
Accept-Ranges: bytes
Content-Length: 68537
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:45 GMT
ETag: "10bb9-5be1e89dfdfc0-gzip"
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/ztzl.jpg

60.205.181.202

200 OK

46 kB

URL HTTP/1.1
ningxiaguotou.com/images/ztzl.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 422x89, components 3\012- data
Size
46 kB (46113 bytes)
Hash
e39c7a73d11a5876dcdc5063e0e29dbb
f74ee192c60db2be53e11fb8d6a3abffba471379
56908ad34b486ddc21610cee2ebd0f7b2f9a52ac7a61e7b7c3c427daed9f44ff

HTTP Headers

GET /images/ztzl.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:45 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:22:06 GMT
Accept-Ranges: bytes
Content-Length: 46113
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:45 GMT
ETag: "b421-59232ca715b80-gzip"
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/ztzl4.jpg

60.205.181.202

200 OK

38 kB

URL HTTP/1.1
ningxiaguotou.com/images/ztzl4.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 422x89, components 3\012- data
Size
38 kB (38353 bytes)
Hash
f55304b7883ff45400f373c9e2f5a25c
551f637163e9ffa2365f361056ab3f07a0f0ec45
f4aab19e5b104281de74dd6a02b27af75f65837e1174938638111b7021d55a5e

HTTP Headers

GET /images/ztzl4.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 25 Oct 2019 05:17:10 GMT
Accept-Ranges: bytes
Content-Length: 38353
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:46 GMT
ETag: "95d1-595b5430b8180-gzip"
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/bj.jpg

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/images/bj.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

HTTP Headers

GET /images/bj.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/dynclicks.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/dynclicks.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/dynclicks.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/images/danghuiicon.png

60.205.181.202

200 OK

27 kB

URL HTTP/1.1
ningxiaguotou.com/images/danghuiicon.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 469 x 69, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (27110 bytes)
Hash
bcf30939f57a8fbd3b942cfc193f788d
a8ee62ffa2b9613237759a5de33307afdfceb358
1cbf3aee42a4183c2130a0620ff2ae7409ad6f6d66aba6efb87a282e8151db0d

HTTP Headers

GET /images/danghuiicon.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Sun, 16 Oct 2022 02:21:20 GMT
Accept-Ranges: bytes
Content-Length: 27110
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:46 GMT
ETag: "69e6-5eb1d83b7e800-gzip"
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/js/Marquee.js

60.205.181.202

200 OK

2.8 kB

URL HTTP/1.1
ningxiaguotou.com/js/Marquee.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.8 kB (2814 bytes)
Hash
f61ff0e5b0deeb24d88278f08fdd191c
4ef0540819d0bc614602b4502c3c8eaccf562855
86f82f54d623339dda402e83437f9f985639fec78f1ca086824b530accc20e0f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/Marquee.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:44 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "2384-5a9568f4ca600-gzip"
Content-Length: 2814
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
Content-Language: zh-CN

ningxiaguotou.com/images/sp.png

60.205.181.202

200 OK

5.6 kB

URL HTTP/1.1
ningxiaguotou.com/images/sp.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 411 x 229, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5594 bytes)
Hash
9e751ea2429da7d60cd3e1864eeafbdd
7afa7ad977bb40086f5af477d386d75c071b88b2
4ab34efa55f081b3f2aa7533411065cf3f5af206339163d104f8f4e661aba3b2

HTTP Headers

GET /images/sp.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:22:02 GMT
Accept-Ranges: bytes
Content-Length: 5594
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:46 GMT
ETag: "15da-59232ca345280-gzip"
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/openlink.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/openlink.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/openlink.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/images/yqlj2.png

60.205.181.202

200 OK

1.6 kB

URL HTTP/1.1
ningxiaguotou.com/images/yqlj2.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1647 bytes)
Hash
ed2b95bd256e5b01da43bf8767fd99c5
c66f52c6e523382a8fb8a65bd4bf5460d0e98331
9f98d4d5926dd46e079eb471d78f47d22766ef1e4df33c48dd5fe229983c132e

HTTP Headers

GET /images/yqlj2.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:23 GMT
Accept-Ranges: bytes
Content-Length: 1647
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:46 GMT
ETag: "66f-59232dd5664c0-gzip"
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/__local/0/6E/C2/6DEE116DCE33819FEC8F6783D4A_E78068E1_E37B.jpg

60.205.181.202

200 OK

58 kB

URL HTTP/1.1
ningxiaguotou.com/__local/0/6E/C2/6DEE116DCE33819FEC8F6783D4A_E78068E1_E37B.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x516, components 3\012- data
Size
58 kB (58235 bytes)
Hash
06ec26dee116dce33819fec8f6783d4a
052a6a8ecddafb214ecb0757cb61500b80d06fb9
ab4f2321bfd9c91d160128b0ed7c159642d7e0caf8c94e8d50b1b7038be84745

HTTP Headers

GET /__local/0/6E/C2/6DEE116DCE33819FEC8F6783D4A_E78068E1_E37B.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 10 Jun 2022 10:14:55 GMT
Accept-Ranges: bytes
Content-Length: 58235
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:46 GMT
ETag: "e37b-5e11535b265c0-gzip"
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/logo.png

60.205.181.202

200 OK

11 kB

URL HTTP/1.1
ningxiaguotou.com/images/logo.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 455 x 53, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10638 bytes)
Hash
c4ff4904dbbcad38cd3ecfb448ea6199
d008ccb7104f65fbd0c7f0673c1482ec30ca5029
cfa7681bf925f75e2452a35aa3a0ad79e1c6cbb4ca15ccee42cfaf4e7148c2ff

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:20 GMT
Accept-Ranges: bytes
Content-Length: 10638
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:46 GMT
ETag: "298e-59232dd289e00-gzip"
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/ss.png

60.205.181.202

200 OK

1.3 kB

URL HTTP/1.1
ningxiaguotou.com/images/ss.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 18 x 17, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1304 bytes)
Hash
dcdb69bea6791e487c2b01a6ddc316bd
ec571bafb619caa4e2395a25e8fba4fba20b7ff2
b40e731d95583065f9080a9483ab9f9a93c4c2b59aa592ed053a7ee79924016e

HTTP Headers

GET /images/ss.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:23 GMT
Accept-Ranges: bytes
Content-Length: 1304
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:46 GMT
ETag: "518-59232dd5664c0-gzip"
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/zc.png

60.205.181.202

200 OK

3.3 kB

URL HTTP/1.1
ningxiaguotou.com/images/zc.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 130 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3275 bytes)
Hash
d8d45035430e6d81e237c4f9115a7a55
aae9f7808cf7ebfdc99ce162e615a2a86fc95972
498f69f52c379bc152cea329d53940991453a5c31cb0dbb572cc578f6ea36258

HTTP Headers

GET /images/zc.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 23 Sep 2021 10:22:59 GMT
Accept-Ranges: bytes
Content-Length: 3275
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:47 GMT
ETag: "ccb-5cca703ce26c0-gzip"
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/base64.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/base64.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/base64.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/images/close4.png

60.205.181.202

200 OK

1.4 kB

URL HTTP/1.1
ningxiaguotou.com/images/close4.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1435 bytes)
Hash
fe6a2c7bcf4b64d0f91e0e606e64e8e1
8c05cd7875c8a0448b323800718f624226c22d75
189f0c2a1ccc2861448f599e2db1f850ddd09260b2833542f5473c67b9677558

HTTP Headers

GET /images/close4.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:19 GMT
Accept-Ranges: bytes
Content-Length: 1435
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:47 GMT
ETag: "59b-59232dd195bc0-gzip"
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/lj.png

60.205.181.202

200 OK

1.1 kB

URL HTTP/1.1
ningxiaguotou.com/images/lj.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1064 bytes)
Hash
1dc072c0d98ce3ddf8ca894696df1d47
c8a3d2d1accb91b30987da9c77460e4109395e17
69081b1fe12942e909de68adb041580f420172796eaed7d18b5351b99e706ba0

HTTP Headers

GET /images/lj.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:19 GMT
Accept-Ranges: bytes
Content-Length: 1064
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:47 GMT
ETag: "428-59232dd195bc0-gzip"
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/formfunc.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/formfunc.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/formfunc.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/images/more2.png

60.205.181.202

200 OK

1.1 kB

URL HTTP/1.1
ningxiaguotou.com/images/more2.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 14 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1095 bytes)
Hash
6cd7bce5167a9781ec8f6ba186143f60
aba400ed222c3b01de8a74e51d61404f2ba265b1
6df66ea98a5af3eaa0b6d0ba61bfb64206190cd50ecbec9d9c1f5ee3547aaab6

HTTP Headers

GET /images/more2.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Content-Length: 1095
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:47 GMT
ETag: "447-5a9568f4ca600-gzip"
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/__local/9/1B/16/8CF9B1335A4E337D8EE7C40083A_4A149E02_4D5.png?e=.png

60.205.181.202

200 OK

1.2 kB

URL HTTP/1.1
ningxiaguotou.com/__local/9/1B/16/8CF9B1335A4E337D8EE7C40083A_4A149E02_4D5.png?e=.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 18 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1237 bytes)
Hash
91b168cf9b1335a4e337d8ee7c40083a
c4871e1d6ec46c7fa1b494481e671291567bcc56
416388a4a02574d7bea7d11128ad2627383c4b939d74e9b3fa754905b82f2a43

HTTP Headers

GET /__local/9/1B/16/8CF9B1335A4E337D8EE7C40083A_4A149E02_4D5.png?e=.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Sun, 09 Oct 2022 08:05:35 GMT
Accept-Ranges: bytes
Content-Length: 1237
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:47 GMT
ETag: "4d5-5ea9581f691c0-gzip"
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/645d371454da9e89195dfa8beefc982.jpg

60.205.181.202

200 OK

27 kB

URL HTTP/1.1
ningxiaguotou.com/images/645d371454da9e89195dfa8beefc982.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 258x258, components 3\012- data
Size
27 kB (27312 bytes)
Hash
bafe2b4f2494148db1163347a457efde
5aa52081ed2c60c0382f86a73f98e84b12aa0eed
aa8c47a2e1f1200354bc7aef27b28f21b3f75bb6ea86750121cd11ab13cc8c72

HTTP Headers

GET /images/645d371454da9e89195dfa8beefc982.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 25 Sep 2019 08:55:28 GMT
Accept-Ranges: bytes
Content-Length: 27312
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:47 GMT
ETag: "6ab0-5935cd081e000-gzip"
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/navx11.png

60.205.181.202

200 OK

964 B

URL HTTP/1.1
ningxiaguotou.com/images/navx11.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 9 x 6, 8-bit/color RGBA, non-interlaced\012- data
Size
964 B (964 bytes)
Hash
d9bdc7f60dd2d978b22b42ad51cd974a
75d9f5b064c221b2652a1169a8967b59bbd147a0
97ca4c5d1963790ce765ec704f4395d14388ba889383fd80930321e640df2d9f

HTTP Headers

GET /images/navx11.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/nav.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:23 GMT
Accept-Ranges: bytes
Content-Length: 964
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:47 GMT
ETag: "3c4-59232dd5664c0-gzip"
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/ershidasybg.jpg

60.205.181.202

200 OK

337 kB

URL HTTP/1.1
ningxiaguotou.com/images/ershidasybg.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1052, components 3\012- data
Size
337 kB (337065 bytes)
Hash
6bb9dbb67f020a2b6fd4e8a9af4bcc6e
0cb9b9ae3f6645a2fbd767c5c11b56b30c5325c2
350ec408f41647493551c14e0da18859640007065dcf599ffd10ecce1b742eb4

HTTP Headers

GET /images/ershidasybg.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Sun, 16 Oct 2022 02:21:28 GMT
Accept-Ranges: bytes
Content-Length: 337065
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:46 GMT
ETag: "524a9-5eb1d8431fa00-gzip"
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/more3.png

60.205.181.202

200 OK

1.1 kB

URL HTTP/1.1
ningxiaguotou.com/images/more3.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 14 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1097 bytes)
Hash
9436926e8c376ee6821bdf85904dd01e
98003e2ec404dba3896252055fa56fd7f824ad00
b1d25be6e33dea9ac9370f5341e1365e128631826ba1aef4c8877b85418c4614

HTTP Headers

GET /images/more3.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:48 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Content-Length: 1097
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:48 GMT
ETag: "449-5a9568f4ca600-gzip"
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/19/09/26/16d9g9lo4m/xuexijijinping.jpg

60.205.181.202

200 OK

168 kB

URL HTTP/1.1
ningxiaguotou.com/images/19/09/26/16d9g9lo4m/xuexijijinping.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=724, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1400x100, components 3\012- data
Size
168 kB (167765 bytes)
Hash
5c5edd4cfe5685c2b68591d7ff28616e
42c4f55aba8963f472d010aadb85c6573a6a9a21
fd30bf8987f16990cd8298cf11308da198bb26bf25a9ddffd6609a21093f664e

HTTP Headers

GET /images/19/09/26/16d9g9lo4m/xuexijijinping.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:48 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:54:12 GMT
Accept-Ranges: bytes
Content-Length: 167765
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:48 GMT
ETag: "28f55-5a956baee1500-gzip"
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/2022020609.png

60.205.181.202

200 OK

90 kB

URL HTTP/1.1
ningxiaguotou.com/images/2022020609.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 900 x 95, 8-bit/color RGB, non-interlaced\012- data
Size
90 kB (89812 bytes)
Hash
23f8a9a0a74657333a7e591f9c21ba74
cb95ac65c98c5c8e02665dc85782c8e97e4b554b
63a075473f5e91c0cca2531735a5d0dd1446bed160ea5611ada3c91cc5afa141

HTTP Headers

GET /images/2022020609.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:46 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 09 Jun 2022 10:57:18 GMT
Accept-Ranges: bytes
Content-Length: 89812
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:46 GMT
ETag: "15ed4-5e101af6e1f80-gzip"
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/__local/E/B1/E0/CD5DCF45AFF8793C13341B8FE8E_29C0BB0B_1302E.jpg

60.205.181.202

200 OK

78 kB

URL HTTP/1.1
ningxiaguotou.com/__local/E/B1/E0/CD5DCF45AFF8793C13341B8FE8E_29C0BB0B_1302E.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x682, components 3\012- data
Size
78 kB (77870 bytes)
Hash
eb1e0cd5dcf45aff8793c13341b8fe8e
d8a3b288abd04788efdb98a503b07f62d6c2f856
49b265c91b7f4e1247c45a184debcf502525e981329b8a833f8618d31a6ff59d

HTTP Headers

GET /__local/E/B1/E0/CD5DCF45AFF8793C13341B8FE8E_29C0BB0B_1302E.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:48 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 10 Nov 2022 10:30:33 GMT
Accept-Ranges: bytes
Content-Length: 77870
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:48 GMT
ETag: "1302e-5ed1b43538440-gzip"
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/__local/D/B7/74/48A0350623894E467E782B64150_A8410E05_13F3D.jpg

60.205.181.202

200 OK

82 kB

URL HTTP/1.1
ningxiaguotou.com/__local/D/B7/74/48A0350623894E467E782B64150_A8410E05_13F3D.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 220x220, segment length 16, baseline, precision 8, 960x640, components 3\012- data
Size
82 kB (81725 bytes)
Hash
db77448a0350623894e467e782b64150
322802d475d8559e3c0b8185ac494c24c7aa462c
b18068221087ad33c130c4390013dcd74d079f3e71b69f36fbd7af0a7d1d9fd8

HTTP Headers

GET /__local/D/B7/74/48A0350623894E467E782B64150_A8410E05_13F3D.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:49 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 09 Nov 2022 12:11:02 GMT
Accept-Ranges: bytes
Content-Length: 81725
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:49 GMT
ETag: "13f3d-5ed088cd76180-gzip"
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/l.png

60.205.181.202

200 OK

1.9 kB

URL HTTP/1.1
ningxiaguotou.com/images/l.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 28 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1947 bytes)
Hash
e9c0295c884035e5be3041786f06fb76
3f43d445f7a4044d918fec3b82b6c8456276f53d
fa03920c385f357ea51d6bed8fed5bb5e7dbc1b9811d3d637fc8c9ad99ea2d1f

HTTP Headers

GET /images/l.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:49 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Content-Length: 1947
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:49 GMT
ETag: "79b-5a9568f4ca600-gzip"
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/1101.png

60.205.181.202

200 OK

116 kB

URL HTTP/1.1
ningxiaguotou.com/images/1101.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 1400 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
116 kB (115815 bytes)
Hash
d8ce38a498019d1aecc841b06f43a1ab
95413d5ce78b53c8b4ac626296e26ee40609b2c6
3f2c8f865aa570586bffb3dd7f27666a4fa1a64fe88790fa81f4907eb0fb38fe

HTTP Headers

GET /images/1101.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:48 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 01 Nov 2022 12:11:27 GMT
Accept-Ranges: bytes
Content-Length: 115815
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:48 GMT
ETag: "1c467-5ec679f99d9c0-gzip"
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/ad.jpg

60.205.181.202

200 OK

130 kB

URL HTTP/1.1
ningxiaguotou.com/images/ad.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:02:09 14:15:23], baseline, precision 8, 1400x100, components 3\012- data
Size
130 kB (130078 bytes)
Hash
c082c01d5038aa3c7a3b4318c9c58729
11cf2c425460bdc7fbcab209ee14ae3365872965
fa017cbe132ddb27b77dc87f702fa0093d7d07880264e87a7622c202ca213cb3

HTTP Headers

GET /images/ad.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:50 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Content-Length: 130078
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:50 GMT
ETag: "1fc1e-5a9568f4ca600-gzip"
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/__local/B/2F/5E/79CC7F98C9C475E025E27530936_CB9780DE_19454.jpg

60.205.181.202

200 OK

104 kB

URL HTTP/1.1
ningxiaguotou.com/__local/B/2F/5E/79CC7F98C9C475E025E27530936_CB9780DE_19454.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x682, components 3\012- data
Size
104 kB (103508 bytes)
Hash
b2f5e79cc7f98c9c475e025e27530936
4ff2271175bfe40322688af8f8eb185098a82d3c
48e51ac5732fae54c4a4eb552cfb55a3f061390b8f51aab9a4374dae910d53c5

HTTP Headers

GET /__local/B/2F/5E/79CC7F98C9C475E025E27530936_CB9780DE_19454.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:49 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Sat, 19 Nov 2022 12:28:34 GMT
Accept-Ranges: bytes
Content-Length: 103508
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:49 GMT
ETag: "19454-5edd1f5f56080-gzip"
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/more1.png

60.205.181.202

200 OK

1.1 kB

URL HTTP/1.1
ningxiaguotou.com/images/more1.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 14 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1103 bytes)
Hash
59915756548a2b50ac8e41e27f24d0d5
eff18d790988e6cb9a087e4e32048cc4d1012ca9
cdf8d6347bd5aeb88f46efa08ef5410dd66a94ddd69dcca8b209da0dcc1162c1

HTTP Headers

GET /images/more1.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:50 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 01 Jul 2020 00:42:00 GMT
Accept-Ranges: bytes
Content-Length: 1103
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:50 GMT
ETag: "44f-5a9568f4ca600-gzip"
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/ajax.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/ajax.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/ajax.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/ajax.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/ajax.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/ajax.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:51 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/images/0628.jpg

60.205.181.202

200 OK

26 kB

URL HTTP/1.1
ningxiaguotou.com/images/0628.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1253x80, components 3\012- data
Size
26 kB (25783 bytes)
Hash
3238c839f41f29edd4a7f345543702cb
835e892d54a2538d10b45eb989254dbe94f49166
14e9c0e687598913e573f7b6e54322f02a132498f704fa73fecfbd49bee91df9

HTTP Headers

GET /images/0628.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:47 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 28 Jun 2022 10:09:38 GMT
Accept-Ranges: bytes
Content-Length: 25783
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:47 GMT
ETag: "64b7-5e27f3bf21c80-gzip"
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/tb2.png

60.205.181.202

200 OK

938 B

URL HTTP/1.1
ningxiaguotou.com/images/tb2.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 4 x 4, 8-bit/color RGBA, non-interlaced\012- data
Size
938 B (938 bytes)
Hash
334235c21286f6899369fd9a5aa1fc9d
33f9737ea71c23e7d1c21bb39a61c8049a42a650
ea7f03956d682bf10ee058f4329d858c8899246573bf416535977fbc7a28aa86

HTTP Headers

GET /images/tb2.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:51 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:21 GMT
Accept-Ranges: bytes
Content-Length: 938
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:51 GMT
ETag: "3aa-59232dd37e040-gzip"
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/dj.png

60.205.181.202

200 OK

18 kB

URL HTTP/1.1
ningxiaguotou.com/images/dj.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 220 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18369 bytes)
Hash
be3af6730a7019dea8c65aee1bbf394c
f1f96cc8aa5ec098ea2fc2e7f5b3b97c7b141d7e
2945c64ae97f57f108887cb006ce1a2c5febdb09d1090b1c3f896269948cd6c6

HTTP Headers

GET /images/dj.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:51 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:19 GMT
Accept-Ranges: bytes
Content-Length: 18369
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:51 GMT
ETag: "47c1-59232dd195bc0-gzip"
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/column2.jpg

60.205.181.202

200 OK

1.1 kB

URL HTTP/1.1
ningxiaguotou.com/images/column2.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 42x4, components 3\012- data
Size
1.1 kB (1127 bytes)
Hash
e73ad71630f68b1f1012b6d45d709b9e
cd768567acc3e678eaee629318437f8ca97e7723
9b91e77b05578ad75e810456d5a850b3ad41d580361ad610755dd94cb4014307

HTTP Headers

GET /images/column2.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:51 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:20 GMT
Accept-Ranges: bytes
Content-Length: 1127
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:51 GMT
ETag: "467-59232dd289e00-gzip"
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/column1.jpg

60.205.181.202

200 OK

1.1 kB

URL HTTP/1.1
ningxiaguotou.com/images/column1.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 34x4, components 3\012- data
Size
1.1 kB (1131 bytes)
Hash
263f2de044abf9d14f13bf00f313c88b
111a81f68d2c587ed1bed72664657c90bd51e2c0
cadd50a26fd55480d4409f7bdb2d84aacf50d5f56d93766537b5906093dbfe1b

HTTP Headers

GET /images/column1.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:51 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:20 GMT
Accept-Ranges: bytes
Content-Length: 1131
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:51 GMT
ETag: "46b-59232dd289e00-gzip"
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/tb1.png

60.205.181.202

200 OK

931 B

URL HTTP/1.1
ningxiaguotou.com/images/tb1.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 4 x 4, 8-bit/color RGBA, non-interlaced\012- data
Size
931 B (931 bytes)
Hash
a40d76de5e70846be0c479762a269a1b
78dcd91ec38f68727a2fafd9f84f1caefe204df8
ac68ff2b60d9ef0c5505caf12262335400e758cf60482ff1d3da0a1c4e482e9e

HTTP Headers

GET /images/tb1.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:51 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:21 GMT
Accept-Ranges: bytes
Content-Length: 931
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:51 GMT
ETag: "3a3-59232dd37e040-gzip"
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/jticonbg.png

60.205.181.202

200 OK

4.0 kB

URL HTTP/1.1
ningxiaguotou.com/images/jticonbg.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (3977 bytes)
Hash
ccdcee343540094c17c08c5c5f992ae9
96bb8489eac286fd6dc1466361d212779c5c670f
6e5caf262e66e9654cfba2daa64ebfbcfd88f93f97f262ca21af6ad3391a3de4

HTTP Headers

GET /images/jticonbg.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:52 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:19 GMT
Accept-Ranges: bytes
Content-Length: 3977
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:52 GMT
ETag: "f89-59232dd195bc0-gzip"
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/jticon2.png

60.205.181.202

200 OK

2.2 kB

URL HTTP/1.1
ningxiaguotou.com/images/jticon2.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 45 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2222 bytes)
Hash
669edda6b52068ae394ff792ce6f8db1
f28a5614e76fc4d0fd1de9f10f2b380cd610aac8
747a3a45328337925816dca408722faeb498d57ba73cc9a12615886fbfd29317

HTTP Headers

GET /images/jticon2.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:52 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:22 GMT
Accept-Ranges: bytes
Content-Length: 2222
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:52 GMT
ETag: "8ae-59232dd472280-gzip"
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/jticon1.png

60.205.181.202

200 OK

1.8 kB

URL HTTP/1.1
ningxiaguotou.com/images/jticon1.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 45 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1790 bytes)
Hash
83e57ef215d2e9066ee4a1e1880f8012
42bec22f2df9b66cc94c97bb995ebf37f0fb0515
daa2d9ebabbb45fd533fcea38bcbe77214662b0e103b7c18637cef5c3d2e60bd

HTTP Headers

GET /images/jticon1.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:52 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:22 GMT
Accept-Ranges: bytes
Content-Length: 1790
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:52 GMT
ETag: "6fe-59232dd472280-gzip"
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/images/jticon3.png

60.205.181.202

200 OK

1.5 kB

URL HTTP/1.1
ningxiaguotou.com/images/jticon3.png
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 45 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1491 bytes)
Hash
7ce5e6da43c4909f6a7e891c7db491ba
44ac5f930e51d26e55bfe69abb729e17a3c882ec
5668d6d55687b2cccbd55a5a40fc08dd1683366c47956b1411d116d4339a8412

HTTP Headers

GET /images/jticon3.png HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:52 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:22 GMT
Accept-Ranges: bytes
Content-Length: 1491
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:52 GMT
ETag: "5d3-59232dd472280-gzip"
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
Content-Language: zh-CN

ningxiaguotou.com/system/resource/js/news/mp4video.js

60.205.181.202

404 Not Found

1.7 kB

URL HTTP/1.1
ningxiaguotou.com/system/resource/js/news/mp4video.js
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.7 kB (1693 bytes)
Hash
d7b61a7f2acbc3b1532d5d473a65eafe
17ab21a5f49c5ffda2106159f4c7c77a791b21e5
29c0b0a5db57af93122bca27d4c301f5d1b7d34e5f410a85b4c1af2e747a1407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /system/resource/js/news/mp4video.js HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:06:51 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Content-Length: 1693
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html
Content-Language: zh-CN

ningxiaguotou.com/__local/0/E3/59/9A40A9DCC2D59952B8AA5E32D76_67B1B108_16173.jpg

60.205.181.202

200 OK

0 B

URL HTTP/1.1
ningxiaguotou.com/__local/0/E3/59/9A40A9DCC2D59952B8AA5E32D76_67B1B108_16173.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /__local/0/E3/59/9A40A9DCC2D59952B8AA5E32D76_67B1B108_16173.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:49 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 17 Nov 2022 06:29:40 GMT
Accept-Ranges: bytes
Content-Length: 90483
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:49 GMT
ETag: "16173-5eda4b6bfdd00-gzip"
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/jt.jpg

60.205.181.202

200 OK

0 B

URL HTTP/1.1
ningxiaguotou.com/images/jt.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/jt.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:51 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:19 GMT
Accept-Ranges: bytes
Content-Length: 37611
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:51 GMT
ETag: "92eb-59232dd195bc0-gzip"
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

ningxiaguotou.com/images/yw.jpg

60.205.181.202

200 OK

0 B

URL HTTP/1.1
ningxiaguotou.com/images/yw.jpg
IP
60.205.181.202:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/yw.jpg HTTP/1.1
Host: ningxiaguotou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ningxiaguotou.com/css/style.css

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:06:51 GMT
Server: **********
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Sep 2019 13:27:20 GMT
Accept-Ranges: bytes
Content-Length: 243877
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 14:06:51 GMT
ETag: "3b8a5-59232dd289e00-gzip"
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: zh-CN

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations