Report - 106.12.224.4/manage.7z

Report Overview

Submitted URL
106.12.224.4/manage.7z
IP
106.12.224.4
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Submitted
2023-01-02 16:20:56
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.dcocsp.cn	33518	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	4.3 kB	47.246.44.225
baoxian.dxmstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	310 kB	185.10.104.115
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.9 kB	104.18.21.226
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	13 kB	103.235.46.191
w1.dxmstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	701 B	58.254.180.65
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
106.12.224.4	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	40 kB	106.12.224.4
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.43.158.219
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-02	medium	106.12.224.4	Sinkholed
2023-01-02	medium	106.12.224.4	Sinkholed
2023-01-02	medium	106.12.224.4	Sinkholed
2023-01-02	medium	106.12.224.4	Sinkholed
2023-01-02	medium	106.12.224.4	Sinkholed
2023-01-02	medium	106.12.224.4	Sinkholed
2023-01-02	medium	106.12.224.4	Sinkholed
2023-01-02	medium	106.12.224.4	Sinkholed
2023-01-02	medium	106.12.224.4	Sinkholed

JavaScript (14)

	URL	Size	First Seen	Last Seen
	106.12.224.4/manage.7z	2.2 kB	2023-03-08	2023-03-26
Pretty URL 106.12.224.4/manage.7z IP 106.12.224.4 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-26 08:39:53 Times Seen3 Hash 75a1824a800e1d587f3f5bed665b39a8 1261c2f7b9a4890595f14994bacd2ad80f65ed89 2d8406e9d8e741c39d7142336fa21c7a1414e06123e7585f26e70ab6e130f5c0 Loading...

	baoxian.dxmstatic.com/assets/m/js/app.41ba883a.chunk.js	407 kB	2023-03-12	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/app.41ba883a.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-12 18:12:49 Times Seen1 Hash b28fcbacf01d7f7f3ae9a6bc0be55cf1 5fa7b718e8f8dfaeec2d083cdc6878636474a167 5ac90606e6d06932dbcd383206d12b49581490053e0f71236cdb6a4be15ce1d0 Loading...

	baoxian.dxmstatic.com/assets/m/js/jquery.b9ec3c55.chunk.js	89 kB	2023-03-08	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/jquery.b9ec3c55.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-12 18:12:49 Times Seen1 Hash 06cb59acfa4ae5ee58fc26096cdc4887 b5ebb1ca0d7fd7fe80032f751af5e85fa57968f5 d22188e4b0320db9b2e02b39441d04001a134f5366cf11bc70f05f0473bf2ce5 Loading...

	hm.baidu.com/hm.js?d5ba068ce0bdbb86e2be209d513162f8	30 kB	2023-03-12	2023-03-12
Pretty URL hm.baidu.com/hm.js?d5ba068ce0bdbb86e2be209d513162f8 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-12 12:58:01 Times Seen1 Hash f55c55e2a24c1e2facbbd5952321618d 1dd52e0bfd62d3ad4cf8d1ecef66165bf02dbee8 1918f948e88da02377862bdc64adfa566366163821cbca2a19b613f8279a58c8 Loading...

	106.12.224.4/manage.7z	625 B	2023-03-08	2023-03-12
Pretty URL 106.12.224.4/manage.7z IP 106.12.224.4 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-12 18:12:50 Times Seen1 Hash b7f8f97aa3bc175f0a58e3c0afb348fc 974d602c1a0fc4d726db210cb7a9bee2022ae450 74a9e27a027a9c55848e1750cb29921eb01dea42dc02abc9ba2bbfc37af9496f Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 15:16:31 Times Seen37040231 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	baoxian.dxmstatic.com/assets/m/js/vue.89a1f894.chunk.js	153 kB	2023-03-11	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/vue.89a1f894.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:57:12 Last Seen2023-03-12 18:12:50 Times Seen1 Hash 846270d09f2266066f22b80226664d71 64e740c7e9d652663128a7944cbb6331e41e50c4 04f175e4d8911e8e805fc80b5e7472fd43a0657d1f25fa0868f96e85e4b3cc36 Loading...

	baoxian.dxmstatic.com/assets/m/js/23.f041d1c9.chunk.js	54 kB	2023-03-12	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/23.f041d1c9.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-12 18:12:50 Times Seen1 Hash 01de5e2012ae22c51a58ea6f32f50e97 b9d97c56a0ef84f668755bb2d5872feb66ec38c0 3441ef4cf65db779f498b00e1acfc9264a1cccb043829f8b0292fd6931205de7 Loading...

	baoxian.dxmstatic.com/assets/m/js/1.146819cd.chunk.js	136 kB	2023-03-08	2023-03-13
Pretty URL baoxian.dxmstatic.com/assets/m/js/1.146819cd.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-13 14:18:23 Times Seen1 Hash a8a0348bf4b478bcc63cdd4f93bf1f8e 87e07d41fd3f7efa6f963286627c59e341ca6bbb b11ab6d872fb2b2b6a1d1b58d6afeb7b37b5cb45fd56762bd804c6295bc4bd53 Loading...

	baoxian.dxmstatic.com/assets/m/js/manifest.f10d032e.bundle.js	8.2 kB	2023-03-12	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/manifest.f10d032e.bundle.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-12 18:12:49 Times Seen1 Hash 0da387d78df464d9856e9a32496c42b8 270dcfadc9c71f809fad8644a8713ebe72af982e c0a73d0c56a0199e8070df9d5732cd03cbf3adb63bf87f0f78f6b4475493f8e6 Loading...

	baoxian.dxmstatic.com/assets/m/js/lodash.fd812dc4.chunk.js	71 kB	2023-03-08	2023-03-12
Pretty URL baoxian.dxmstatic.com/assets/m/js/lodash.fd812dc4.chunk.js IP 185.10.104.115 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-03-12 18:12:49 Times Seen1 Hash d8fae3dd9df6005c12cb9f91d3c6dcbc a38ce2a10f1720cd6e264f3b3c5ff2ed54597ebb 804a4f4d154ce95c8ed441cc191ce01d2b15f55af546ed40bc5f3c2a6dbeb2d6 Loading...

	106.12.224.4/manage.7z	37 B	2023-03-12	2023-03-12
Pretty URL 106.12.224.4/manage.7z IP 106.12.224.4 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-12 12:58:01 Times Seen1 Hash aa73a39fc4a1a39ab11f4079be7220d3 8786e1f7e8a19df3706b9d5d079c991e609c202d a9f25ce0c2e009cc8747a68e5c54961d95b3356b22f8776bcabdb79a67b23230 Loading...

	106.12.224.4/assets/monitor/insur-monitor-web.js	47 kB	2023-03-12	2023-03-13
Pretty URL 106.12.224.4/assets/monitor/insur-monitor-web.js IP 106.12.224.4 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:58:01 Last Seen2023-03-13 18:29:24 Times Seen1 Hash 8a86ca7c65c927262aafa4bcc6951b28 d1602ab8b26da957dffafdc55926858a5936e0cd eb3997c2f048ea22ba0dfe64465e07af9099610648900866f76949abf72760c6 Loading...

	w1.dxmstatic.com/static/xstatic2/todotask/todotask.1.6.js?r=2021110213	46 kB	2023-03-08	2023-04-17
Pretty URL w1.dxmstatic.com/static/xstatic2/todotask/todotask.1.6.js?r=2021110213 IP 58.254.180.65 ASN #136958 China Unicom Guangdong IP network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:00:46 Last Seen2023-04-17 18:23:03 Times Seen12 Hash fe8f3061fa936e98d539def4a938d366 7fabd5b337d87b58e06ffa5114a50e35147dcd03 4e5cdf8da15f2aa124584d3d3f8b1b63479d75886149ea04c576c51253910e55 Loading...

HTTP Transactions (49)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16803ffa29e10ee999c43eb4e4acfe92
a5ede865a388fa440f20994b43c417d403e9a493
08de8f6abb622e84d2cb6e88dee8fc7c408147ac43da9c24d4cde510ed36b53a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08DE8F6ABB622E84D2CB6E88DEE8FC7C408147AC43DA9C24D4CDE510ED36B53A"
Last-Modified: Mon, 02 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10248
Expires: Mon, 02 Jan 2023 19:11:32 GMT
Date: Mon, 02 Jan 2023 16:20:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8afcbdfc50b3ac9488d629a1a4923b81
933fe7b84c2fbd931da70e92c86fa89110e7cfe7
9857b3b813177c23f90a7e53c7ec1f878362b1da27bc19493bebffc358a4b852

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9857B3B813177C23F90A7E53C7EC1F878362B1DA27BC19493BEBFFC358A4B852"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4181
Expires: Mon, 02 Jan 2023 17:30:25 GMT
Date: Mon, 02 Jan 2023 16:20:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b0a4b7e28ad3a91135d52c7457790b5
075f22ab45d169766252467ae44903250e480f9b
312744aeb6fcc4296025205bc70c40316dd3c8a4b626669ac43e32c33104473a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "312744AEB6FCC4296025205BC70C40316DD3C8A4B626669AC43E32C33104473A"
Last-Modified: Sat, 31 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3753
Expires: Mon, 02 Jan 2023 17:23:17 GMT
Date: Mon, 02 Jan 2023 16:20:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 02 Jan 2023 15:47:27 GMT
content-type: application/json
age: 1997
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MlXpucGxlc8VgeXbHveW85Lytl2G4PRStL72j06+1BPsvL15/UrN2OiG17tCzmrAgP9GjRSaNp4=
x-amz-request-id: 51A5DK0XYJ6DX1JP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 02 Jan 2023 15:58:20 GMT
age: 1344
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 02 Jan 2023 16:20:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

106.12.224.4/manage.7z

106.12.224.4

200 OK

2.2 kB

URL HTTP/1.1
106.12.224.4/manage.7z
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2956)
Size
2.2 kB (2189 bytes)
Hash
858db528a2a74563db16971d70e8dca9
620b74069f82f4b7a80c989762d65cf2426b2521
56e2aa31e6eff4fa8a51fe5ab548251438ef7b78779e347e28f4ec74f1de0070

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /manage.7z HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 Jan 2023 16:20:44 GMT
Etag: W/"63a912e2-12d6"
Last-Modified: Mon, 26 Dec 2022 03:20:02 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: DXMBXID=DXMBXID58493c73-0367-43fa-b60d-276d74a06b14; path=/; expires=Wed, 17-Dec-25 16:20:44 GMT
BAIDUID=A2C44BC4480536FE30ED8E647A458D33:FG=1; expires=Tue, 02-Jan-24 16:20:44 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22448853932132122890010300
Vary: Accept-Encoding
Transfer-Encoding: chunked

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 02 Jan 2023 15:33:35 GMT
age: 2830
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

106.12.224.4/insurweb/app/h5_app/point?spm=101.0.0.0&event_tag=AUTO_render-html-path/manage.7z

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point?spm=101.0.0.0&event_tag=AUTO_render-html-path/manage.7z
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /insurweb/app/h5_app/point?spm=101.0.0.0&event_tag=AUTO_render-html-path/manage.7z HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://106.12.224.4/manage.7z
Cookie: DXMBXID=DXMBXID58493c73-0367-43fa-b60d-276d74a06b14

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Mon, 02 Jan 2023 16:20:45 GMT
Location: https://106.12.224.4/p?spm=101.0.0.0&event_tag=AUTO_render-html-path/manage.7z
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=872D053AA7B830A0677ACDB63E295C3C:FG=1; expires=Tue, 02-Jan-24 16:20:45 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22452451432182585610010300
Transfer-Encoding: chunked

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
949e1488247f88de92a236c833157150
742a3f40ac2806fda515365bfb8683aa66b8f7b0
7d7cecfbae5143277933d1e1abdb6f5295b595edfe2fc83068a8a3eca8d797bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3423
Cache-Control: max-age=150196
Content-Type: application/ocsp-response
Date: Mon, 02 Jan 2023 16:20:45 GMT
Etag: "63b29eb2-1d7"
Expires: Wed, 04 Jan 2023 10:04:01 GMT
Last-Modified: Mon, 02 Jan 2023 09:06:58 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.43.158.219

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.158.219:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1ZHCIFJlryiNGJzUUtxdMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Z75Z8J+W3wItxuih3Lvy2aIjNk0=

106.12.224.4/assets/monitor/insur-monitor-web.js

106.12.224.4

200 OK

17 kB

URL HTTP/1.1
106.12.224.4/assets/monitor/insur-monitor-web.js
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (47119)
Size
17 kB (17257 bytes)
Hash
4d45f7ce1eef4ab1cb73b33a1026b656
1ea9cf9137c7eaea39e6516776bfbb162f316745
b1e09b472d198fa011e4411a38e1ad529b967e29e110df24e0964704378ec070

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/monitor/insur-monitor-web.js HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://106.12.224.4/manage.7z
Cookie: DXMBXID=DXMBXID58493c73-0367-43fa-b60d-276d74a06b14

HTTP/1.1 200 OK
Cache-Control: max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Mon, 02 Jan 2023 16:20:45 GMT
Etag: W/"639ab991-b877"
Expires: Mon, 02 Jan 2023 16:30:45 GMT
Last-Modified: Thu, 15 Dec 2022 06:07:13 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=687427B88BB47C8278AE98EB69B092D6:FG=1; expires=Tue, 02-Jan-24 16:20:45 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 22453072162182585610010300
Vary: Accept-Encoding
Transfer-Encoding: chunked

ocsp.dcocsp.cn/

47.246.44.225

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
972d3f679a11342ace875508533b8182
3b710e07fbc633c09e1edda3e6fe211cd63809d3
7b472b579a0e91b8ec3aa75ba50c5b7b59345ff24fdcd9390ded9100c4e010ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 02 Jan 2023 16:20:46 GMT
Last-Modified: Mon, 02 Jan 2023 02:18:33 GMT
ETag: "63b23ef9-1d7"
Expires: Wed, 04 Jan 2023 02:18:33 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1672676446
Via: cache21.l2de2[20,20,200-0,M], cache23.l2de2[21,0], cache1.se1[44,44,200-0,M], cache1.se1[45,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 02 Jan 2023 16:20:46 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9516726764466428941e

ocsp.dcocsp.cn/

47.246.44.225

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
972d3f679a11342ace875508533b8182
3b710e07fbc633c09e1edda3e6fe211cd63809d3
7b472b579a0e91b8ec3aa75ba50c5b7b59345ff24fdcd9390ded9100c4e010ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 02 Jan 2023 16:20:46 GMT
Last-Modified: Mon, 02 Jan 2023 02:18:33 GMT
ETag: "63b23ef9-1d7"
Expires: Wed, 04 Jan 2023 02:18:33 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1672676446
Via: cache21.l2de2[20,19,200-0,C], cache19.l2de2[21,0], cache3.se1[43,43,200-0,M], cache3.se1[45,0]
Age: 0
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 02 Jan 2023 16:20:46 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9716726764466407964e

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Mon, 02 Jan 2023 17:06:03 GMT
Date: Mon, 02 Jan 2023 16:20:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Mon, 02 Jan 2023 17:06:03 GMT
Date: Mon, 02 Jan 2023 16:20:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Mon, 02 Jan 2023 17:06:03 GMT
Date: Mon, 02 Jan 2023 16:20:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Mon, 02 Jan 2023 17:06:03 GMT
Date: Mon, 02 Jan 2023 16:20:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5684 bytes)
Hash
e628ac1e25757ac0177f4a392d6b7ddb
d457e65190f24dce30af852e07b2d55f1fe5d808
b51790825ceb10ba7d5ec69081c098b7c82e72e4128dc1c23fa4f45495fbfa65

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fb1a6c7-1739-4b4c-ae46-a2d718fb6c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5684
x-amzn-requestid: a8295357-6fcf-436d-8884-cbc529f3cba4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxSEVGMcIAMFdXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a9fd4e-3067d9957e1e512174ab34bc;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 20:00:14 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EtuZPxnCkreWI54w2WxMjyLcaYxpZLg2mhCbN9OQ3UGN-9nukiCT9g==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Mon, 02 Jan 2023 12:41:29 GMT
age: 13157
etag: "d457e65190f24dce30af852e07b2d55f1fe5d808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa20aba0-739b-4b21-8651-376503398453.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5150 bytes)
Hash
2eac6cb10f73a9133b10b29991d36d28
50dbba1b337a139007815016c1e1d91309a3ac0e
8f8783c086623f20451d3e5321e2ca2ca64d559370e94b0c2aeb8dfe3c95207d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa20aba0-739b-4b21-8651-376503398453.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5150
x-amzn-requestid: ebece8b2-8256-42b6-8ae3-3654d2b7b319
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d6ZBEFUZoAMF2OQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ada206-10bdc2ae5ee1d4494ebcdaad;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 14:19:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: M-erf0gwboJTnX5LWgKYpEjsq5bHuAShdResjK97rTMV1bQNDUof6w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 02 Jan 2023 06:23:21 GMT
age: 35845
etag: "50dbba1b337a139007815016c1e1d91309a3ac0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb9e048a-d832-4c9c-bbf4-523cf2df949e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10904 bytes)
Hash
63e10036442be6087f22f671351bfcf4
d23fda523cd1581a497c1e8d93b6a3a65bbbd05d
bd17928141e8ba15eaf14f140f9cc6648502da10bef74dab32e1790f68d150d7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb9e048a-d832-4c9c-bbf4-523cf2df949e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10904
x-amzn-requestid: e672bb95-0521-41e2-b44d-18d108768f0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFRyVGO0IAMFfsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fcdb-2e2b0c1e73840de93343ce08;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:36:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RoBgvzAMnMxF47CsTpw8nEsyCcYeCsElL-FWeEE2G-c6lvPTR-6qqw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:48:43 GMT
age: 66723
etag: "d23fda523cd1581a497c1e8d93b6a3a65bbbd05d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7755 bytes)
Hash
f863eb68713f937898561731454ef32e
b0ca943b8ca57da9cf2c69384e5c598bdfb48d33
4af7b5228d39d0e47a159422483fa6ccf683920241a50e4c6348d176a2783a6c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7755
x-amzn-requestid: 8a52ee34-c50c-4a05-9fa3-17770c3d61ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFSNAFbJoAMFu8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fd86-09de8074042bc69045896070;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Dif7NXuh8R-xqN9D-IgKbD4XD5txsWC9HeKrGvkT7LIRT2QiOVNdGQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:55:08 GMT
age: 66338
etag: "b0ca943b8ca57da9cf2c69384e5c598bdfb48d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10426 bytes)
Hash
2a92938ba6a58bd49a9938a24e404cba
2adeb5279f5a130a4ddc05199bc7b0b197a3cabc
1779831cec3a72aa82e2dab789c043da6a7fa432ff75a644733b0ee5f81b965b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10426
x-amzn-requestid: b6ad4eac-168a-477b-9883-f77fffc6468f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d5ZfRG7XIAMF7zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad3c61-7766d0293ca12d6e2436ac66;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 07:06:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64b2KYy3x32_Z7bLzCIDOVtTsC2OsBCcF4kmfb_2ZhulTcspF5c0Uw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 02 Jan 2023 07:36:02 GMT
age: 31484
etag: "2adeb5279f5a130a4ddc05199bc7b0b197a3cabc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b277398-f4fa-4af1-a6f3-47dc5a33ccf3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6459 bytes)
Hash
c0452f1ad1a7813d06adf22e178c5284
615a0072aa450329f48fbf30c921cdb6670b249a
72b733f965c7438896bcd95aac4c9bb10a83a2c35f1c459be488b6751dc1b311

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b277398-f4fa-4af1-a6f3-47dc5a33ccf3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6459
x-amzn-requestid: b972726f-8a3e-4078-a11d-ea03474aed50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7a2EGwJIAMFvSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae0b59-183339ab019f2cbe168c8744;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 21:49:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: y59ckb1uCbY_b7u8lk9CGep3RI12eiJyikcmfRXvoss6jRT3CbsLFQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 02 Jan 2023 03:50:43 GMT
age: 45003
etag: "615a0072aa450329f48fbf30c921cdb6670b249a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.dcocsp.cn/

47.246.44.225

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
6cde81fc225005cc59ce01d3348e2ece
c58209eed571e6165c665c70a2c6c9fd3706b208
bd470e743c59ca5a5e7c2afc7b5ce8f45a59cb86b992202b4952c8fc234540ff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 02 Jan 2023 16:20:47 GMT
Last-Modified: Mon, 02 Jan 2023 10:42:25 GMT
ETag: "63b2b511-1d7"
Expires: Wed, 04 Jan 2023 10:42:25 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1672676447
Via: cache21.l2de2[4,3,200-0,H], cache5.l2de2[6,0], cache1.se1[27,27,200-0,M], cache1.se1[28,0]
Age: 0
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 02 Jan 2023 16:20:47 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9516726764473161354e

baoxian.dxmstatic.com/assets/m/js/manifest.f10d032e.bundle.js

185.10.104.115

200 OK

4.4 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/manifest.f10d032e.bundle.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (8214), with no line terminators
Size
4.4 kB (4420 bytes)
Hash
f4624946a2b1c4636b3e97bc6884cf27
fd616233fee2ee14b467a98cfb85984b36220e60
d748cda277e71a32bac73ca669c1b6f57e80169a99a6f750f8612e5c57ae9df0

HTTP Headers

GET /assets/m/js/manifest.f10d032e.bundle.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:49 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 03:20:02 GMT
ETag: "63a912e2-2016"
Content-Encoding: br
Age: 454891
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 45834610921873941770122815
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 07:59:43 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache51 [2], suzix51 [2]
Ohc-File-Size: 4420
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/lodash.fd812dc4.chunk.js

185.10.104.115

200 OK

26 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/lodash.fd812dc4.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (64902)
Size
26 kB (25901 bytes)
Hash
8f37e76d73e400a5002a26aad1fbc56f
c34c05894d1fcaf94783b44071f12fcd58b1186d
714ab1393e5e54ab14a1cddf93c25dcd575002cf819132669b226a253b27668f

HTTP Headers

GET /assets/m/js/lodash.fd812dc4.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:49 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-1162a"
Content-Encoding: gzip
Age: 1021978
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 44948371044289795338112110
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 02:58:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache51 [4], czix212 [2]
Ohc-File-Size: 25901
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/vant.9e3f21e2.chunk.js

185.10.104.115

200 OK

43 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/vant.9e3f21e2.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (65160), with no line terminators
Size
43 kB (42832 bytes)
Hash
6aa27708c2a32cfba5bac7808305bfaa
fb0b2541ba07eb367b61a507a0ba94a49fbdac9f
e69faf10ac43344700355bf3f0454e4b04ca6e546868f71f4c956d35937a9c04

HTTP Headers

GET /assets/m/js/vant.9e3f21e2.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:49 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-28e8d"
Content-Encoding: gzip
Age: 1021978
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 44947801350313660682112110
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 02:58:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache53 [4], bdix88 [2]
Ohc-File-Size: 42832
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/jquery.b9ec3c55.chunk.js

185.10.104.115

200 OK

32 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/jquery.b9ec3c55.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (61316)
Size
32 kB (32123 bytes)
Hash
4e6c116dc4f32dda92e9a219ef1597a4
257085a4fe8a0669b8bc3bcb2cb54b5bdf5515c4
6175190eff5422e26d186ab8ae13bc938f8982ce07df0c28128a789d15f9a5d8

HTTP Headers

GET /assets/m/js/jquery.b9ec3c55.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:49 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-15a96"
Content-Encoding: gzip
Age: 1021978
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 44947898812132122890112110
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 02:58:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache51 [4], bdix72 [2]
Ohc-File-Size: 32123
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/app.41ba883a.chunk.js

185.10.104.115

200 OK

116 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/app.41ba883a.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (58408)
Size
116 kB (116037 bytes)
Hash
7e3462875854a53a13c8f8c080cbfc9b
7f8cbdc9eb37b8c5b007f94bb69adb221149d77f
608c38a8611183ca7f31df40a5e1411da6e82280af05501c276577a017daaf5c

HTTP Headers

GET /assets/m/js/app.41ba883a.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:49 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 03:20:02 GMT
ETag: "63a912e2-63650"
Content-Encoding: br
Age: 454891
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 45834911332182585610122815
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 07:59:43 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache57 [2], xaix149 [2]
Ohc-File-Size: 116037
X-Cache-Status: HIT

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 558
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/manage.7z
Cookie: DXMBXID=DXMBXID58493c73-0367-43fa-b60d-276d74a06b14; LOG_SESSION_ID=1cca05b9-ab37-48e5-95eb-c34ae738e525-1672676441988

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Mon, 02 Jan 2023 16:20:50 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=B0BDF7F563C6B2D470241278F368F870:FG=1; expires=Tue, 02-Jan-24 16:20:50 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22503763592769722634010300
Transfer-Encoding: chunked

baoxian.dxmstatic.com/assets/cms/static/img/favicon.ico?20200521

185.10.104.115

200 OK

676 B

URL HTTP/1.1
baoxian.dxmstatic.com/assets/cms/static/img/favicon.ico?20200521
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
676 B (676 bytes)
Hash
1a95f4b4edae0d313b02e0febf110ce3
0126a9db6c633c15689ae2ffcac303d5af3e342a
18035abf6f4af2cf478826d22ec2ceddbd6e976d18c479ae9e019dc732f74060

HTTP Headers

GET /assets/cms/static/img/favicon.ico?20200521 HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:50 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 08 Dec 2022 20:29:21 GMT
Last-Modified: Wed, 20 May 2020 07:19:06 GMT
ETag: "5ec4d9ea-10be"
Cache-Control: max-age=600
Content-Encoding: br
Age: 2139953
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Tracecode: 14394048352132122890121702
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 08 Dec 2022 20:19:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache59 [1], suzix59 [1]
Ohc-File-Size: 4286
X-Cache-Status: HIT

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
7fe065f641969310d0d5c494aeedceba
a4842e40a096dbd3df7cbc43dbcbb3ca4022dbe7
f4c9076cc77690e3898eac92093f4ba0fc9fbe92e1120331b90f73eb23cb39e0

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 02 Jan 2023 16:20:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 06 Jan 2023 15:38:08 GMT
ETag: "a4842e40a096dbd3df7cbc43dbcbb3ca4022dbe7"
Last-Modified: Mon, 02 Jan 2023 15:38:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1451
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7834d30d784fb518-OSL

baoxian.dxmstatic.com/assets/m/js/23.f041d1c9.chunk.js

185.10.104.115

200 OK

13 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/23.f041d1c9.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (47805)
Size
13 kB (12799 bytes)
Hash
4378eb5739383c62f720d5918db0c48a
f7429405af758560c520d40a64c2f79a3531ac17
59728a19af5cd7cf3601eb5c78bb31b7db3d4d40b942275b474f40937b942170

HTTP Headers

GET /assets/m/js/23.f041d1c9.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:52 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 03:20:01 GMT
ETag: "63a912e1-d18e"
Content-Encoding: br
Age: 427983
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 22294270004289795338122816
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 08:20:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache50 [1], xiangyix120 [2]
Ohc-File-Size: 12799
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/m/js/1.146819cd.chunk.js

185.10.104.115

200 OK

37 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/1.146819cd.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
37 kB (36795 bytes)
Hash
33e15ea983db12a1c26a100b1de755ed
3c87e3abde4797b5bc202f413aabd39b8dea8a57
d86cf9aa7c77c7ad894745fd7077430a4aa5bc8769bb48e10e01d5598aa730d1

HTTP Headers

GET /assets/m/js/1.146819cd.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:52 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-21556"
Content-Encoding: gzip
Age: 824955
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 16842363542182585610120814
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 08 Dec 2022 06:11:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache64 [4], czix203 [2]
Ohc-File-Size: 36795
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-mypolicy.png

185.10.104.115

200 OK

1.4 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-mypolicy.png
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
PNG image data, 66 x 66, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1428 bytes)
Hash
88b9b755ba8942b0e9da4555beb9906e
3cb193d70c7d42d36de024a55523db13576b2c90
6819c1a4bb4e669ea1c535f41a9fdc755c87c76a35fbeda9232ef483b1e533ec

HTTP Headers

GET /assets/cms/static/img/1-0/tab-mypolicy.png HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 21 Dec 2022 12:15:56 GMT
Last-Modified: Mon, 16 Mar 2020 08:00:53 GMT
ETag: "5e6f3235-594"
Cache-Control: max-age=600
Age: 603586
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Tracecode: 19267331790313660682052519
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 12:05:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache60 [4], czix122 [4]
Ohc-File-Size: 1428
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-product.png

185.10.104.115

200 OK

1.8 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-product.png
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
PNG image data, 66 x 66, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1811 bytes)
Hash
920d21a770f3802c8d8aa62437c6fce0
ac3379973b749ed7216f1a83eff6779ef3b1b04c
d826f3ca72978439308bfb4f4a4a8c3ca80df5ece2a31b56adb904d4e798a645

HTTP Headers

GET /assets/cms/static/img/1-0/tab-product.png HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 29 Dec 2022 10:06:20 GMT
Last-Modified: Mon, 16 Mar 2020 08:00:50 GMT
ETag: "5e6f3232-713"
Cache-Control: max-age=600
Age: 331326
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Tracecode: 41455181672132122890020216
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 29 Dec 2022 09:56:19 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache65 [2], xaix226 [4]
Ohc-File-Size: 1811
X-Cache-Status: HIT

hm.baidu.com/hm.js?d5ba068ce0bdbb86e2be209d513162f8

103.235.46.191

200 OK

12 kB

URL HTTP/1.1
hm.baidu.com/hm.js?d5ba068ce0bdbb86e2be209d513162f8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (1016)
Size
12 kB (11654 bytes)
Hash
b4a1ff330f28d62a1af3046ba8573839
fb99fa2f20ca0912a22c9ccff410bff79ada8000
64aeb959cf43a64731a8d4af20d2c9792daa46b479b88162b061da75982e7a41

HTTP Headers

GET /hm.js?d5ba068ce0bdbb86e2be209d513162f8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11654
Content-Type: application/javascript
Date: Mon, 02 Jan 2023 16:20:51 GMT
Etag: c389bfa1e571add7da20f8f7ed6e747c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8675C575D820F586; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

baoxian.dxmstatic.com/assets/cms/static/img/1-0/logo-dxm-2.png?20210429

185.10.104.115

200 OK

22 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/cms/static/img/1-0/logo-dxm-2.png?20210429
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
PNG image data, 670 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22400 bytes)
Hash
55f2683a9fe39fab38d57e9304f55b45
ca2b3d8bb7a1be27c5ad6fa52ff9801a64112ec6
c333cafcf47120cdcbd13cfb749cfb4adaa42040a488326b929923d19ad9d3e9

HTTP Headers

GET /assets/cms/static/img/1-0/logo-dxm-2.png?20210429 HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Dec 2022 07:26:20 GMT
Last-Modified: Thu, 29 Apr 2021 09:57:11 GMT
ETag: "608a82f7-5780"
Cache-Control: max-age=600
Age: 603744
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Tracecode: 39196922262769722634053012
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 07:16:20 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache55 [4], qdix133 [4]
Ohc-File-Size: 22400
X-Cache-Status: HIT

baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-home-active.png

185.10.104.115

200 OK

4.2 kB

URL HTTP/1.1
baoxian.dxmstatic.com/assets/cms/static/img/1-0/tab-home-active.png
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
PNG image data, 66 x 66, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4247 bytes)
Hash
e8e150de175c06b591b6ddae7872c7db
4118ab1f65c76bb377d7e8d7792e276fcd3ab9bf
cda54809257ec181f6cac8b6ad4fec2d59a903d7d02736fa138499beb4c3f5f8

HTTP Headers

GET /assets/cms/static/img/1-0/tab-home-active.png HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 29 Dec 2022 00:50:31 GMT
Last-Modified: Mon, 16 Mar 2020 08:00:53 GMT
ETag: "5e6f3235-1097"
Cache-Control: max-age=600
Age: 251406
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Tracecode: 28465974942132122890020200
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 29 Dec 2022 00:40:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache64 [4], bdix109 [4]
Ohc-File-Size: 4247
X-Cache-Status: HIT

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 723
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID58493c73-0367-43fa-b60d-276d74a06b14; LOG_SESSION_ID=1cca05b9-ab37-48e5-95eb-c34ae738e525-1672676441988

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Mon, 02 Jan 2023 16:20:52 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=DE88B9ABB4AB5B8B34CCEE792E7A3DC1:FG=1; expires=Tue, 02-Jan-24 16:20:52 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22525256702769722634010300
Transfer-Encoding: chunked

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 528
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID58493c73-0367-43fa-b60d-276d74a06b14; LOG_SESSION_ID=1cca05b9-ab37-48e5-95eb-c34ae738e525-1672676441988

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Mon, 02 Jan 2023 16:20:52 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=0088DCB26FC1E83EBF8C6457EB6B9C15:FG=1; expires=Tue, 02-Jan-24 16:20:52 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22525800662182585610010300
Transfer-Encoding: chunked

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2076705371&si=d5ba068ce0bdbb86e2be209d513162f8&v=1.3.0&lv=1&sn=26639&r=0&ww=1280&u=http%3A%2F%2F106.12.224.4%2Fm%2Fhome&tt=%E5%BA%A6%E5%B0%8F%E6%BB%A1%E4%BF%9D%E9%99%A9%E7%BB%8F%E7%BA%AA

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2076705371&si=d5ba068ce0bdbb86e2be209d513162f8&v=1.3.0&lv=1&sn=26639&r=0&ww=1280&u=http%3A%2F%2F106.12.224.4%2Fm%2Fhome&tt=%E5%BA%A6%E5%B0%8F%E6%BB%A1%E4%BF%9D%E9%99%A9%E7%BB%8F%E7%BA%AA
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2076705371&si=d5ba068ce0bdbb86e2be209d513162f8&v=1.3.0&lv=1&sn=26639&r=0&ww=1280&u=http%3A%2F%2F106.12.224.4%2Fm%2Fhome&tt=%E5%BA%A6%E5%B0%8F%E6%BB%A1%E4%BF%9D%E9%99%A9%E7%BB%8F%E7%BA%AA HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 02 Jan 2023 16:20:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=542489B46C70E6D1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 778
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID58493c73-0367-43fa-b60d-276d74a06b14; LOG_SESSION_ID=1cca05b9-ab37-48e5-95eb-c34ae738e525-1672676441988

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Mon, 02 Jan 2023 16:20:52 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=6D4DAC2B5EA81ADD91AC69D25DC249CD:FG=1; expires=Tue, 02-Jan-24 16:20:52 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22527852502182585610010300
Transfer-Encoding: chunked

106.12.224.4/insurweb/app/h5_app/point

106.12.224.4

301 Moved Permanently

162 B

URL HTTP/1.1
106.12.224.4/insurweb/app/h5_app/point
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /insurweb/app/h5_app/point HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json;charset=UTF-8
Content-Length: 682
Origin: http://106.12.224.4
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID58493c73-0367-43fa-b60d-276d74a06b14; LOG_SESSION_ID=1cca05b9-ab37-48e5-95eb-c34ae738e525-1672676441988

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Date: Mon, 02 Jan 2023 16:20:52 GMT
Location: https://106.12.224.4/p
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=170CE8AF69D41897593BEE6B199EBAE4:FG=1; expires=Tue, 02-Jan-24 16:20:52 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Tracecode: 22527876772182585610010300
Transfer-Encoding: chunked

106.12.224.4/juhe/insurface/item/homepage?errTimes=0&from=4&channelId=&sourceChannel=&sessionId=1cca05b9-ab37-48e5-95eb-c34ae738e525-1672676441988&syncStokenTime=0&timestamp=27877940&type=1

106.12.224.4

200 OK

15 kB

URL HTTP/1.1
106.12.224.4/juhe/insurface/item/homepage?errTimes=0&from=4&channelId=&sourceChannel=&sessionId=1cca05b9-ab37-48e5-95eb-c34ae738e525-1672676441988&syncStokenTime=0&timestamp=27877940&type=1
IP
106.12.224.4:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (57463), with no line terminators
Size
15 kB (14727 bytes)
Hash
7cbc67081d8545d0a0e42c726ba582c3
625a08637f0af6f6cc3e6299e19faab055135368
31f38f41fef1c133c362cfb5871e4472ad66eba5c1ce603958dee2aa0955020a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /juhe/insurface/item/homepage?errTimes=0&from=4&channelId=&sourceChannel=&sessionId=1cca05b9-ab37-48e5-95eb-c34ae738e525-1672676441988&syncStokenTime=0&timestamp=27877940&type=1 HTTP/1.1
Host: 106.12.224.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: http://106.12.224.4/m/home
Cookie: DXMBXID=DXMBXID58493c73-0367-43fa-b60d-276d74a06b14; LOG_SESSION_ID=1cca05b9-ab37-48e5-95eb-c34ae738e525-1672676441988

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: application/json;charset=UTF-8
Date: Mon, 02 Jan 2023 16:20:52 GMT
Expires: 0
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Pragma: no-cache
Server: Apache
Set-Cookie: BAIDUID=6D4DAC2B5EA81ADD00D5CB071234876B:FG=1; expires=Tue, 02-Jan-24 16:20:52 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 12527965222282064394010300, 22528932072769722634010300
Vary: Accept-Encoding, Accept-Encoding
X-Application-Context: insuraggre:8680
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked

ocsp.dcocsp.cn/

47.246.44.225

200 OK

471 B

URL HTTP/1.1
ocsp.dcocsp.cn/
IP
47.246.44.225:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
0599bda8398a4187fe137af01324e260
f8ed882410c47e0bb7c4a8bdd001c93555677aae
7c7307cc8baa6b22b7b01f342c2c94a38b8df13cddc262e54c01f288424cff63

HTTP Headers

POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 02 Jan 2023 15:52:33 GMT
Last-Modified: Mon, 02 Jan 2023 05:55:10 GMT
ETag: "63b271be-1d7"
Expires: Wed, 04 Jan 2023 05:55:10 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1672674753
Via: cache21.l2de2[0,0,200-0,H], cache2.l2de2[0,0], cache3.se1[24,24,200-0,M], cache3.se1[26,0]
Age: 1700
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 02 Jan 2023 16:20:53 GMT
X-Swift-CacheTime: 1900
Timing-Allow-Origin: *
EagleId: 2ff62c9716726764534224730e

w1.dxmstatic.com/static/xstatic2/todotask/todotask.1.6.js?r=2021110213

58.254.180.65

200 OK

0 B

URL HTTP/2
w1.dxmstatic.com/static/xstatic2/todotask/todotask.1.6.js?r=2021110213
IP
58.254.180.65:0
ASN
#136958 China Unicom Guangdong IP network

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/xstatic2/todotask/todotask.1.6.js?r=2021110213 HTTP/1.1
Host: w1.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 02 Jan 2023 16:20:47 GMT
content-type: application/x-javascript
expires: Wed, 21 Dec 2022 14:02:17 GMT
last-modified: Thu, 17 Mar 2022 04:51:19 GMT
cache-control: public,max-age=1800
content-encoding: gzip
age: 1045487
accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,x-baidu-ie
access-control-allow-methods: POST, GET, OPTIONS
tracecode: 04470980953205537034062117
vary: Accept-Encoding
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 13:32:17 GMT
ohc-cache-hit: gz3un63 [2], jnuncache63 [2], wzix63 [4]
ohc-file-size: 16632
x-cache-status: HIT
X-Firefox-Spdy: h2

baoxian.dxmstatic.com/assets/m/js/vue.89a1f894.chunk.js

185.10.104.115

200 OK

0 B

URL HTTP/1.1
baoxian.dxmstatic.com/assets/m/js/vue.89a1f894.chunk.js
IP
185.10.104.115:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/m/js/vue.89a1f894.chunk.js HTTP/1.1
Host: baoxian.dxmstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://106.12.224.4/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 02 Jan 2023 16:20:49 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 10:16:48 GMT
ETag: "6374b890-255bc"
Content-Encoding: gzip
Age: 1021978
Accept-Ranges: bytes
Strict-Transport-Security: max-age=5400; includeSubDomains
Tracecode: 44948509141873941770112110
Vary: Accept-Encoding
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 21 Dec 2022 02:58:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache63 [4], suzix89 [2]
Ohc-File-Size: 56049
X-Cache-Status: HIT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP