Report - www.813856.com/

Report Overview

Submitted URL
www.813856.com/
IP
35.215.175.154
ASN
#15169 GOOGLE
Submitted
2023-02-06 00:01:02
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
api.api68.com	475583	2017-10-16T15:53:14Z	2023-03-13T06:43:20Z	856 B	1.6 kB	172.64.135.18
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
bd51static.com	unknown	2021-10-07T06:20:25Z	2023-03-13T06:43:17Z	274 B	1.2 kB	104.21.37.150
www.813856.com	unknown	2023-01-19T01:00:36Z	2023-02-25T13:22:37Z	2.6 kB	165 kB	35.215.175.154
collect-v6.51.la	91421	2021-03-08T17:03:54Z	2023-03-13T05:33:15Z	674 B	738 B	103.143.19.103
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-13T05:37:01Z	284 B	750 B	180.101.212.103
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	714 B	1.4 kB	142.250.74.163
kjw1868.com	unknown	2023-02-01T07:12:49Z	2023-03-02T18:07:31Z	7.2 kB	130 kB	172.67.194.236
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	68 kB	34.120.237.76
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-13T05:37:01Z	324 B	114 B	180.101.212.103
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
http2.mlstatic.com	19098	2017-01-30T06:14:01Z	2023-03-13T05:46:17Z	1.5 kB	45 kB	95.101.11.48
sdk.51.la	88367	2021-03-08T17:03:51Z	2023-03-13T05:33:13Z	279 B	13 kB	47.253.50.2
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.26.56.94

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-02-05	medium	www.813856.com/	Mercado Livre
2023-02-05	medium	www.813856.com/	Mercado Livre
2023-02-05	medium	www.813856.com/	Mercado Livre
2023-02-05	medium	www.813856.com/	Mercado Livre
2023-02-05	medium	www.813856.com/	Mercado Livre
2023-02-05	medium	www.813856.com/	Mercado Livre

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-06	medium	www.813856.com/main.js	Phishing
2023-02-06	medium	www.813856.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	kjw1868.com/webapp/js/lib/zepto.js	26 kB	2023-03-07	2024-02-07
Pretty URL kjw1868.com/webapp/js/lib/zepto.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:04 Last Seen2024-02-07 04:36:58 Times Seen81 Hash 6bea8158383f3034319b45571f5ca7e8 c546d9454a2e62ed987b0ff459a13bc41a51b250 bdcd35a7fc89302612325490543bab6f0f74e46830e1a646c0d434c22bd6d476 Loading...

	kjw1868.com/webapp/js/lib/config.js	9.1 kB	2023-03-12	2023-03-13
Pretty URL kjw1868.com/webapp/js/lib/config.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:22:07 Last Seen2023-03-13 18:02:28 Times Seen1 Hash dee75d29ad1d99f416ccb244a1e68fdc fbe12e9289cdd3c8c416d945b46e39d5122099a3 2fa57a2272e9ffcbe6478b60aa34da4d72c2b6ddb17b84a7910151d8ef897e61 Loading...

	www.813856.com/	491 B	2023-03-07	2024-01-04
Pretty URL www.813856.com/ IP 35.215.175.154 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:04 Last Seen2024-01-04 22:35:59 Times Seen17 Hash 32194289a5d1c98a63b359717b52d961 fdd92bb52ce5806f83debe9394e81aa8e52b426b 3f54358549e80202eae2723dfd20f0a52c614e890f559d4187e2500dcf73ca88 Loading...

	www.813856.com/main.js	1.2 kB	2023-03-13	2023-03-26
Pretty URL www.813856.com/main.js IP 35.215.175.154 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:02:28 Last Seen2023-03-26 06:49:15 Times Seen2 Hash d672956eac2b139b451ce1a6cd67de0e f7dec32ede759511564214d3f7b7d2319de8f7de 04dc43ff4379b2b5ff658ef396e12fc0a51f658b9fa7b5f784a284e99b22bc13 Loading...

	sdk.51.la/js-sdk-pro.min.js	34 kB	2023-03-07	2024-04-19
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 47.253.50.2 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 11:34:34 Times Seen23142 Hash 24bb520e9517f2ed3ed987b46aeaf723 846723563d7dd2bff3954f93633b11af0103adc8 d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27 Loading...

	kjw1868.com/webapp/js/lib/iscroll.js	20 kB	2023-03-07	2024-02-07
Pretty URL kjw1868.com/webapp/js/lib/iscroll.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:04 Last Seen2024-02-07 04:36:55 Times Seen116 Hash 3249e269b6bf59a9596ff4dd4908bd74 16f804a74f66585bf01bb2217997a2a4ff0c4a23 3b294972fe3c686a14d4195e17abc43199da904d959c9ffa128b3649b6bd925c Loading...

	kjw1868.com/webapp/js/lib/drawLines.js	25 kB	2023-03-07	2024-02-07
Pretty URL kjw1868.com/webapp/js/lib/drawLines.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:04 Last Seen2024-02-07 04:36:58 Times Seen113 Hash 7db0502baf867aa0663475b899ffb19e a69f4ef6ab52c62d9885dc55b733c8c37687383e 8a3eec9c6525ce4aad8b37e0a188f4716a8fcdec24ee894d2f8ffec447872fbb Loading...

	kjw1868.com/webapp/js/lib/jquery.async.js	902 B	2023-03-07	2024-02-07
Pretty URL kjw1868.com/webapp/js/lib/jquery.async.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:04 Last Seen2024-02-07 04:36:57 Times Seen120 Hash 2e3cd10cd7579756c32b479d018996ce f802c0231c81b061352b3c7bb4c64c143ce353f2 9b52ff42b1430595e38ae165b5a8ac6719c0bfddf9407ef9bc720dc30f2d3e5f Loading...

	kjw1868.com/webapp/js/local/tools/tools.js	102 kB	2023-03-08	2023-08-27
Pretty URL kjw1868.com/webapp/js/local/tools/tools.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:38:11 Last Seen2023-08-27 21:42:58 Times Seen21 Hash 99fbbca37c65250d2e7d266a190aa459 748b0ccb950c60dd5d70da2ec6cfe998e5295b33 336a90a900c6b8fcbe863fcf1360bdcf70b30910a537b02f7cdd3b057530e69c Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-18
Pretty URL push.zhanzhang.baidu.com/push.js IP 180.101.212.103 ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 14:13:26 Times Seen18955 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	bd51static.com/11sp.js	1.1 kB	2023-03-08	2024-02-07
Pretty URL bd51static.com/11sp.js IP 104.21.37.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:38:11 Last Seen2024-02-07 04:36:56 Times Seen53 Hash c0ade734701d9db09181bbc8cfcf4652 94c04893016de3c8d6f3e6af12e3998dadb4e32c c13332db7ef27f7fd3b7632833da00298d50531b267913436ec1a0df564156a5 Loading...

	www.813856.com/	491 B	2023-03-08	2023-03-29
Pretty URL www.813856.com/ IP 35.215.175.154 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:38:11 Last Seen2023-03-29 23:20:27 Times Seen6 Hash 2e19a134e3952fdf7b4fa3d0f28014dc 5988f6dd45c20f8ae43e2dd24a3a1d1c014a599b 372c71ab2660eb1a043b6a9804b86c885024f1a895f56e751e521f35924d599c Loading...

	www.813856.com/	373 B	2023-03-08	2024-02-07
Pretty URL www.813856.com/ IP 35.215.175.154 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:38:11 Last Seen2024-02-07 04:36:55 Times Seen29 Hash d8fa335219c5bdc0457e75de1648e1bd 9ba640b0e3922e76353d0d08522465147926083e 192c7ff205539f509c90972875b62d63187f297d23cd62e1a583c0810c2bc177 Loading...

	kjw1868.com/webapp/js/lib/pk10BaseTrend.js	6.7 kB	2023-03-07	2024-02-07
Pretty URL kjw1868.com/webapp/js/lib/pk10BaseTrend.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:04 Last Seen2024-02-07 04:36:55 Times Seen69 Hash 6f6fadebe51378762442a2211edfef60 abb6dd63e315112728f3540ef124480e4b1e9048 441c3db4288867eb549306e2797b1075d745408c6674660096a9ed695435391e Loading...

	kjw1868.com/webapp/js/lib/jquery-1.9.1.js	93 kB	2023-03-07	2024-02-07
Pretty URL kjw1868.com/webapp/js/lib/jquery-1.9.1.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:04 Last Seen2024-02-07 04:36:55 Times Seen59 Hash 0ced1955d04ad67f93c642501960172d e346705c96ed71fef43144a893dc26f0d1ff2a81 7196db5ce1154dda0f62614999dfd169a0e5fa9db634c12c308f9f9b22cb6f90 Loading...

	kjw1868.com/webapp/js/lib/date.js	7.9 kB	2023-03-07	2024-02-07
Pretty URL kjw1868.com/webapp/js/lib/date.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:05 Last Seen2024-02-07 04:36:55 Times Seen70 Hash a9256f059d597b6c3fa046e00d457fcd a5d5298fd6737d99e4dd71f9b1f686849f5f87da 5de11f7b517d7f89c70ea78a8fe23a2f86bd848c8eb098003623b9faaff42d2e Loading...

	kjw1868.com/webapp/js/lib/Sortable.min.js	0 B	2023-03-07	2024-04-19
Pretty URL kjw1868.com/webapp/js/lib/Sortable.min.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 11:41:04 Times Seen36957503 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	kjw1868.com/webapp/js/local/pk10/index.js	89 kB	2023-03-07	2024-01-29
Pretty URL kjw1868.com/webapp/js/local/pk10/index.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:02 Last Seen2024-01-29 23:08:39 Times Seen35 Hash 15a3b151854fecbdec6d06a2a8cbf615 90c01185ec0dafa6225fed673abffd2476a10a33 0acb184791a34dac8ffd8d7c592d8797b10eba55d64e8501ddf932601ac7da59 Loading...

	kjw1868.com/webapp/js/local/pk10/head_jisusaiche.js	303 B	2023-03-10	2024-01-29
Pretty URL kjw1868.com/webapp/js/local/pk10/head_jisusaiche.js IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:25:11 Last Seen2024-01-29 23:08:40 Times Seen36 Hash 7d17eeb07e12644cc27e6d8f63353d70 1074682081821f439af386aa7fba49778623e7fb 9fa1916fb1f0ec143e93280bf4daea5e31aeaab49714b4a973b70c6e9edc50fc Loading...

	kjw1868.com/webapp/html/jisusaiche/index.html	125 B	2023-03-07	2024-01-29
Pretty URL kjw1868.com/webapp/html/jisusaiche/index.html IP 172.67.194.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:01:44 Last Seen2024-01-29 23:08:38 Times Seen23 Hash b5ba1987c326caff723c9d97e8861c53 b0ccc756cd1f246775e92164d1aaa7466a9c9888 2c20d2ab9ec4c841d3d2a542a69bce267860b93d1af033153f02d66b13c75208 Loading...

		Size	First Seen	Last Seen
	#1 Eval - bd2be48eac9edd9929dcf7bd683b70e9	424 B	2023-03-13	2023-03-26
Pretty Observations First Seen2023-03-13 18:02:28 Last Seen2023-03-26 06:49:15 Times Seen2 Hash bd2be48eac9edd9929dcf7bd683b70e9 21ba42615d018f889d6e996c50972d361ba9d67e 3b0a558c26af37ca56d410c7db96e21371934fd8b66c427d3a93fe029adb80cd Loading...

	#2 Eval - 2f3b48fd8fa4db2f39788116dbf87bee	405 B	2023-03-07	2024-02-07
Pretty Observations First Seen2023-03-07 12:24:05 Last Seen2024-02-07 04:36:56 Times Seen56 Hash 2f3b48fd8fa4db2f39788116dbf87bee 5d672a2f88557fe219a75d809a5e86825c68ed1c d6f708d137516644dd0ba5704ca91727587b8c5265f10442ce34ffe67f07c48d Loading...

		Size	First Seen	Last Seen
	#1 Write - 56dd1af0ed9568be9d345ff1b2140e59	508 B	2023-03-07	2024-02-07
Pretty Observations First Seen2023-03-07 12:24:05 Last Seen2024-02-07 04:36:56 Times Seen69 Hash 56dd1af0ed9568be9d345ff1b2140e59 40ab33e83f11171724ce7cd5ff28b0eefd300518 f6fc69a3280db2b27cc4d9779d095521e7676fe195a78d67c6ea77e656f744c0 Loading...

	#2 Write - a5d3cec0c9ef698476f7434e1bc42dc6	508 B	2023-03-08	2024-02-07
Pretty Observations First Seen2023-03-08 02:38:11 Last Seen2024-02-07 04:36:56 Times Seen30 Hash a5d3cec0c9ef698476f7434e1bc42dc6 d30103fa6adcc195165c2f821959294315d14566 b8d1c3912ccb0c9664369f032142f1550dc20709d971686ccd18b2263f1680e4 Loading...

	#3 Write - 1d608c81fc4d56562f990b371d52f9ef	405 B	2023-03-13	2023-03-26
Pretty Observations First Seen2023-03-13 18:02:28 Last Seen2023-03-26 06:49:15 Times Seen2 Hash 1d608c81fc4d56562f990b371d52f9ef aa87fda82a345b408e6ce8c1c60469e9ade2e163 5b74c99ffcf95e4386a07c5957ff34b52c476578c9e1510d4ed56076cb139f32 Loading...

HTTP Transactions (53)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6379
Expires: Mon, 06 Feb 2023 01:47:11 GMT
Date: Mon, 06 Feb 2023 00:00:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8697
Expires: Mon, 06 Feb 2023 02:25:49 GMT
Date: Mon, 06 Feb 2023 00:00:52 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 23:36:24 GMT
content-type: application/json
age: 1468
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12514
Expires: Mon, 06 Feb 2023 03:29:26 GMT
Date: Mon, 06 Feb 2023 00:00:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: AgEvf24o3OnR7f9biJTAX0VLWrDp4z1aFj05kgG/LN7DgR5pjFlzUXTqIJ6BK3mS0LBTbF9nYAE=
x-amz-request-id: PFNB40YKPKQF5539
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 23:53:29 GMT
age: 443
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 00:00:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-light.woff2

95.101.11.48

200 OK

14 kB

URL HTTP/2
http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-light.woff2
IP
95.101.11.48:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 14076, version 3.131\012- data
Size
14 kB (14099 bytes)
Hash
8e5f280b6447af2263926b0324e05852
11342c24e0abede2de649c76c19b60a7890d1dcc
8c7f42e73d1ab70c305bca15028228419e691f2ee55f8843b76c92193af9d3ee

HTTP Headers

GET /ui/webfonts/v3.0.0/proxima-nova/proximanova-light.woff2 HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.813856.com
Connection: keep-alive
Referer: http://www.813856.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff2
server: Tengine
x-amz-id-2: x3aVNhgbtHOVHLykTo9xdjdouZ9AeLujRPISag3phs+HymEzJtx9ozCHcutCSBY9lSOX+SNhNfhneUjEJLY2hw==
x-amz-request-id: 9T3XKDRN7HHC8AJ8
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Jun 2022 03:26:46 GMT
etag: "0de1fd16bf20e0b68646e390d439ab42"
x-amz-server-side-encryption: AES256
x-amz-version-id: C4CTuYdIvDB_0NcYDhbmfHFUFBfVxB.Q
accept-ranges: bytes
x-request-id: a708f3bb-c34b-4cf0-829d-06bc731f7a68
x-request-device-id: a708f3bb-c34b-4cf0-829d-06bc731f7a68
x-d2id: a708f3bb-c34b-4cf0-829d-06bc731f7a68
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 06 Feb 2023 00:00:52 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14099
x-cdn: a
X-Firefox-Spdy: h2

http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-semibold.woff2

95.101.11.48

200 OK

14 kB

URL HTTP/2
http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-semibold.woff2
IP
95.101.11.48:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 13744, version 3.131\012- data
Size
14 kB (13767 bytes)
Hash
47d8ad8e357234e3ac56431b6a375e5f
20c17d806b6acb5a5a479356bb04b32efdc2aa2f
ebc9678e550b93d31b66068f7c5ad3fca5f14eb7fd9689a59ce9c3901fb4333c

HTTP Headers

GET /ui/webfonts/v3.0.0/proxima-nova/proximanova-semibold.woff2 HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.813856.com
Connection: keep-alive
Referer: http://www.813856.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff2
server: Tengine
x-amz-id-2: nBVRAEzN7r7vsfBjbH7W/VpJQd5o9kq9yLhGlGxUyT9Ghb94/jCdSMIiVvXCsBIrnYHTBeU0KJ91U48xX3UT6Q==
x-amz-request-id: 9T3RNK5T9NG2WRZN
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Jun 2022 03:26:52 GMT
etag: "a173db3743be3e63644aab4c442c169e"
x-amz-server-side-encryption: AES256
x-amz-version-id: QXtxTjNIRBQpICBRMemGkscbfcpzhxcO
accept-ranges: bytes
x-request-id: 837ed5e1-e80a-4331-9839-75d4e5f658cd
x-request-device-id: 837ed5e1-e80a-4331-9839-75d4e5f658cd
x-d2id: 837ed5e1-e80a-4331-9839-75d4e5f658cd
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 06 Feb 2023 00:00:52 GMT
content-length: 13767
x-cdn: a
X-Firefox-Spdy: h2

http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-regular.woff2

95.101.11.48

200 OK

14 kB

URL HTTP/2
http2.mlstatic.com/ui/webfonts/v3.0.0/proxima-nova/proximanova-regular.woff2
IP
95.101.11.48:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 14076, version 3.131\012- data
Size
14 kB (14099 bytes)
Hash
6c8a9a935f8302fc92ec49b1e0c3f2c5
d55240513d610c629aba62dafa55951da416a441
d2ac471b314cd74ee9f95d0125fe8adcbc56947d40b9df1a18141ff6131eb73f

HTTP Headers

GET /ui/webfonts/v3.0.0/proxima-nova/proximanova-regular.woff2 HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.813856.com
Connection: keep-alive
Referer: http://www.813856.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff2
server: Tengine
x-amz-id-2: 2m5TACAgR/hgXCRcos/2emHogX7D9uYxbXWKKLbMJe8+OT3kRcwNhCy/hbMwj0yI1Sn6vHEsSZE=
x-amz-request-id: ZFD5AJJE7EEZCZP0
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Jun 2022 03:26:49 GMT
etag: "67ff311675dbd02ddb898f02af6fddaf"
x-amz-server-side-encryption: AES256
x-amz-version-id: MocYTiXX0FcyQ3NLXQ4zZuxDhFDOReik
accept-ranges: bytes
x-request-id: 1254532f4fefcb29831ca7c1d033aff0
x-request-device-id: 1254532f4fefcb29831ca7c1d033aff0
x-d2id: 1254532f4fefcb29831ca7c1d033aff0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 06 Feb 2023 00:00:52 GMT
content-length: 14099
x-cdn: a
X-Firefox-Spdy: h2

bd51static.com/11sp.js

104.21.37.150

200 OK

426 B

URL HTTP/1.1
bd51static.com/11sp.js
IP
104.21.37.150:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (554)
Size
426 B (426 bytes)
Hash
eebe0876b7ef80d73a610f5a8f0c8410
45625026fd24ea7e8242fb69e13aa7049f217ada
5761f13051982adc3e309cffbe87a1044965a0c4f8c2b8c04146cf7c71dacae5

HTTP Headers

GET /11sp.js HTTP/1.1
Host: bd51static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:00:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 10 Jan 2022 11:18:35 GMT
Vary: Accept-Encoding
ETag: W/"61dc160b-456"
Expires: Mon, 06 Feb 2023 00:37:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 40976
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4n%2B%2Ft9p%2F7LqFGjojr4BgTs9RPJwJFWk3J%2Fgrydto4z8mHiFYY1DVNhaglbtM0A%2F7Ogy5673YU%2BnLB8dM8QA%2Fo26uDocRtQflUy2rEEOCubzywBfikEQ8%2F1MY%2BxLmg2Tp8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f9ba8e9a9b4f7-OSL
alt-svc: h2=":443"; ma=60

www.813856.com/main.js

35.215.175.154

200 OK

539 B

URL HTTP/1.1
www.813856.com/main.js
IP
35.215.175.154:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (476), with CRLF line terminators
Size
539 B (539 bytes)
Hash
44bcdc382486939c2fb4864faab50967
430b29997d5fa2c4710ef6a37562db68661f9f0c
8387ee6660f71aea073826b26f132acaa81ca21f05d664a629a55040a8d4eb3a

Detections

Analyzer	Verdict	Alert
openphish	Mercado Livre
fortinet	Phishing

HTTP Headers

GET /main.js HTTP/1.1
Host: www.813856.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 00:00:52 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Feb 2023 06:53:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63da0c66-4cf"
Expires: Mon, 06 Feb 2023 12:00:52 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.813856.com/

35.215.175.154

200 OK

55 kB

URL HTTP/1.1
www.813856.com/
IP
35.215.175.154:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51855)
Size
55 kB (55247 bytes)
Hash
711a4f4ee1fd69d642bd96fd50e5ba3c
12c79e81a271a951bdec829d25d5141877b5782c
5ab4314ca59468b3fe99040b7df780259ec0011384b23aecec7284a5820ee9af

Detections

Analyzer	Verdict	Alert
openphish	Mercado Livre
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.813856.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 00:00:52 GMT
Content-Type: text/html
Last-Modified: Wed, 01 Feb 2023 06:53:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63da0c66-4276f"
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 23:07:20 GMT
age: 3212
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11181
Expires: Mon, 06 Feb 2023 03:07:13 GMT
Date: Mon, 06 Feb 2023 00:00:52 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/739Ilpkc9N4

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/739Ilpkc9N4
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
54247748de7d4d61a2d1f5eab9a7dcb2
50b6d9fe993c1e27d33a1507a0b5a02bb8cee5e4
aa0e146d3097b661e664d92d5345c8d44960dde37e8ebfd855a5ec31423124d2

HTTP Headers

POST /s/gts1p5/739Ilpkc9N4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:00:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sdk.51.la/js-sdk-pro.min.js

47.253.50.2

200 OK

13 kB

URL HTTP/1.1
sdk.51.la/js-sdk-pro.min.js
IP
47.253.50.2:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (34110)
Size
13 kB (12853 bytes)
Hash
29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 06 Feb 2023 00:00:52 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bceaef-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

www.813856.com/css/home.desktop.6bbc7306.css

35.215.175.154

200 OK

19 kB

URL HTTP/1.1
www.813856.com/css/home.desktop.6bbc7306.css
IP
35.215.175.154:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
19 kB (18690 bytes)
Hash
c89fd7b8278e24841a3fd5b65f428144
22614d19c96b7fd5916a3b020c1075c6679dc006
ca358710e4f17c69e680b852b51f613548153d47564cdf8f771118bb69175bb3

Detections

Analyzer	Verdict	Alert
openphish	Mercado Livre

HTTP Headers

GET /css/home.desktop.6bbc7306.css HTTP/1.1
Host: www.813856.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 00:00:52 GMT
Content-Type: text/css
Last-Modified: Thu, 21 Apr 2022 06:19:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6260f782-180ae"
Expires: Mon, 06 Feb 2023 12:00:52 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

push.services.mozilla.com/

52.26.56.94

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.26.56.94:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5EIRDGsreXGmzxg5z7ANfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QgohC27BMAq4V1aR8m/msR7c2n4=

ocsp.pki.goog/s/gts1p5/739Ilpkc9N4

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/739Ilpkc9N4
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
54247748de7d4d61a2d1f5eab9a7dcb2
50b6d9fe993c1e27d33a1507a0b5a02bb8cee5e4
aa0e146d3097b661e664d92d5345c8d44960dde37e8ebfd855a5ec31423124d2

HTTP Headers

POST /s/gts1p5/739Ilpkc9N4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:00:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.813856.com/jpg/d_nq_877425-mla47306668299_082021-oo.jpg

35.215.175.154

200 OK

17 kB

URL HTTP/1.1
www.813856.com/jpg/d_nq_877425-mla47306668299_082021-oo.jpg
IP
35.215.175.154:0
ASN
#15169 GOOGLE

File type
JPEG image data, baseline, precision 8, 680x78, components 3\012- data
Size
17 kB (17398 bytes)
Hash
14e60b059562d3f99d3eadd09ee57e4d
09ac3fb3fa1cc3755530a2ac41037470fde071c2
1b3665ee6d7076120bb96e470436b6f4aa228cad18af2a322fef16b829f26493

Detections

Analyzer	Verdict	Alert
openphish	Mercado Livre

HTTP Headers

GET /jpg/d_nq_877425-mla47306668299_082021-oo.jpg HTTP/1.1
Host: www.813856.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 00:00:53 GMT
Content-Type: image/jpeg
Content-Length: 17398
Last-Modified: Tue, 31 Aug 2021 22:22:18 GMT
Connection: keep-alive
ETag: "612eab9a-43f6"
Expires: Wed, 08 Mar 2023 00:00:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.813856.com/png/180x180.png

35.215.175.154

200 OK

4.1 kB

URL HTTP/1.1
www.813856.com/png/180x180.png
IP
35.215.175.154:0
ASN
#15169 GOOGLE

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Size
4.1 kB (4108 bytes)
Hash
029717d900e62bf180cd2cf859e118e6
ad57b3cd7005a3a2e39de6529af5456780424af6
fac1d82ff6989d9264f04de335eaf3045d1b49548a1b940c4b490f98ddcceddc

Detections

Analyzer	Verdict	Alert
openphish	Mercado Livre

HTTP Headers

GET /png/180x180.png HTTP/1.1
Host: www.813856.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.813856.com/
Cookie: __vtins__JWt5y7kp2GoqVv83=%7B%22sid%22%3A%20%2203e4e757-1f34-5441-b68f-1bd0f7e62a02%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201675643495466%2C%20%22ct%22%3A%201675641695466%7D; __51uvsct__JWt5y7kp2GoqVv83=1; __51vcke__JWt5y7kp2GoqVv83=0b2f1f05-7323-55db-b8ce-78bbd1a88e53; __51vuft__JWt5y7kp2GoqVv83=1675641695473; __vtins__JYpDpF8edPu0xwqR=%7B%22sid%22%3A%20%22e304a3ce-fce4-5f6b-9144-0451fc86f210%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201675643495483%2C%20%22ct%22%3A%201675641695483%7D; __51uvsct__JYpDpF8edPu0xwqR=1; __51vcke__JYpDpF8edPu0xwqR=7bedee17-c8dd-5d4f-a562-56b73af8d7ed; __51vuft__JYpDpF8edPu0xwqR=1675641695486

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 00:00:53 GMT
Content-Type: image/png
Content-Length: 4108
Last-Modified: Wed, 04 May 2022 16:47:46 GMT
Connection: keep-alive
ETag: "6272ae32-100c"
Expires: Wed, 08 Mar 2023 00:00:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.813856.com/jpg/d_nq_669180-mla49807570249_042022-oo.jpg

35.215.175.154

200 OK

68 kB

URL HTTP/1.1
www.813856.com/jpg/d_nq_669180-mla49807570249_042022-oo.jpg
IP
35.215.175.154:0
ASN
#15169 GOOGLE

File type
JPEG image data, baseline, precision 8, 1600x340, components 3\012- data
Size
68 kB (67536 bytes)
Hash
dedb3eaad7695a11f8c98c32dab61987
b26219905ebe8389e6126f3dc85ca247a7fc0979
276966d843f3051593822a0645b1f6633a9865aad4914b2d3daecfb3c7c05e02

Detections

Analyzer	Verdict	Alert
openphish	Mercado Livre

HTTP Headers

GET /jpg/d_nq_669180-mla49807570249_042022-oo.jpg HTTP/1.1
Host: www.813856.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 00:00:53 GMT
Content-Type: image/jpeg
Content-Length: 67536
Last-Modified: Sat, 30 Apr 2022 02:23:18 GMT
Connection: keep-alive
ETag: "626c9d96-107d0"
Expires: Wed, 08 Mar 2023 00:00:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

kjw1868.com/webapp/js/lib/Sortable.min.js

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/js/lib/Sortable.min.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /webapp/js/lib/Sortable.min.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
content-length: 0
last-modified: Tue, 08 Nov 2022 14:55:38 GMT
etag: "636a6dea-0"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nI9vuXFMce3bUCfYtPyRiNGDYkEIzgYs4epAu90ZJ7d2pmtzUFw7E7eESePNKMXVymhd%2FnJeRvkj5sjLOkWy%2B8PuEQXmjPFu64u65dTT0aEV%2BpojkRp46gOYcaozcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae89b0b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/css/listHtml.css

172.67.194.236

200 OK

5.3 kB

URL HTTP/2
kjw1868.com/webapp/css/listHtml.css
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (34316), with no line terminators
Size
5.3 kB (5300 bytes)
Hash
0aeb89b896ac1bf2290441a675d8217c
8a1aa59270583f4f1a21c6220d5beb32242fbb6a
82a5ba335b1cda89badb3c5475099d526e7f7a785e0b3fb65e469cca61f46e27

HTTP Headers

GET /webapp/css/listHtml.css HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 14:55:36 GMT
vary: Accept-Encoding
etag: W/"636a6de8-8624"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pmSCM14w4ElwNdcVsuTy6PYY2r0%2FNkKgVilwS75%2FlJEzyzGnm%2Fx418C7pAu4zPdunl5CDbjuAi2wLudrHNOnTG5ZkJMFLT%2BCTLjYlD2fKF8l0IdVRTgNPtRTG44hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae89a9b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10178
Expires: Mon, 06 Feb 2023 02:50:32 GMT
Date: Mon, 06 Feb 2023 00:00:54 GMT
Connection: keep-alive

kjw1868.com/webapp/html/jisusaiche/index.html

172.67.194.236

200 OK

18 kB

URL HTTP/2
kjw1868.com/webapp/html/jisusaiche/index.html
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
18 kB (18434 bytes)
Hash
e2c3d62f2a5e43583204f2daf6ed71af
f6325f0096d614d04521d666c2e567f464f74d82
fa4406580d1bbca6463fb2a043a816060953314c86dc5c65b1cfe33f80b92dc1

HTTP Headers

GET /webapp/html/jisusaiche/index.html HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.813856.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:53 GMT
content-type: text/html
last-modified: Tue, 08 Nov 2022 15:07:22 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3cF2ySpYwxlMi3oxazTVfkiIu8ay%2BFimXRwZYD%2BkygetAz9E22ifk3ctLN9dOUX1I5gcGtzeC44eQW6I8eYYYKd4fEZs6MEuXFTNyj%2FGT4xY0x5jPGs8e1xf1%2F2Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bab1f53b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/js/lib/jquery-1.9.1.js

172.67.194.236

200 OK

34 kB

URL HTTP/2
kjw1868.com/webapp/js/lib/jquery-1.9.1.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
34 kB (34146 bytes)
Hash
06ae2133074549c697fb9869b7c64462
147c4866da5585adacc1ee323e2c7a32e50a5a45
060ffff60e5f4633803bc830f50174434cc57c9be23b82c264e6d06d266ed76b

HTTP Headers

GET /webapp/js/lib/jquery-1.9.1.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:55:38 GMT
vary: Accept-Encoding
etag: W/"636a6dea-16b57"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTY26EuVak4rUxp85WX5%2FeLk6pE684I97FZ80K%2BnWif5%2BCPeWIgeJKI%2FlsLj3BiDoxQJn7GFeJkQgGbfS6%2FBgtdQvBpo9bMRKhQOWjekUcc3ohmKqGXDyYPV1Rl6dA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae89acb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/js/local/tools/tools.js

172.67.194.236

200 OK

15 kB

URL HTTP/2
kjw1868.com/webapp/js/local/tools/tools.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (924), with CRLF line terminators
Size
15 kB (14583 bytes)
Hash
15f28fd72f68c21654dca4e05cb704e3
c1f3d3ec3d87542809bd5e13f3cdd9b670567a48
05c3fc9b25cb05aebd57498158e9a292e2aa6fcc077cb2c9355c9863aff2ce9e

HTTP Headers

GET /webapp/js/local/tools/tools.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 14:13:50 GMT
vary: Accept-Encoding
etag: W/"63a3149e-18fe8"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEHcVNXcr9zOYlkpxI1Z%2FyUt9G554oKqQEEWJtwPOW%2FtYxPbCM3pdJXPSmjmvcTv3%2Bxs7RhoWin%2BL%2BOd5kh5YOBV%2BPIqd%2BnWEH9IPfxg43qHjtzH6c28hmwMlaXN9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae99bfb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10178
Expires: Mon, 06 Feb 2023 02:50:32 GMT
Date: Mon, 06 Feb 2023 00:00:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7158f70-9e7b-4725-8249-e7061700f1ee.webp

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7158f70-9e7b-4725-8249-e7061700f1ee.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8528 bytes)
Hash
cb0dab387816c4b691190ec83c2f0f06
9c56d516ae0178b5b0d8bbf2b16e2e7fbe25e358
6655307747227d7905f0eca1aaefda6147e4ae443fb9fb20cdb6a336aaab5b67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7158f70-9e7b-4725-8249-e7061700f1ee.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8528
x-amzn-requestid: b799da5b-d52a-4d83-bdd4-9582d39d6c5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwCmAFYgIAMFjvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb159-77235f642e8a0bdb07414dcb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:01:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EN4Mi_2U_eISge5bd6JQgkg6rGJcB2cQAyhKHOZO-g_Arj6kofRo6g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 07:26:08 GMT
age: 59686
etag: "9c56d516ae0178b5b0d8bbf2b16e2e7fbe25e358"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8039 bytes)
Hash
336b665bfad04ec8ed14b01bbf17566d
92102d4c75d2c7efd8197be88e3cb467d2682190
1e21687a242c058a3b442909b168c5e706175b1e93e51cfce691c6f033f795d7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8039
x-amzn-requestid: b36a6062-0676-4abc-820c-959bc02810f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkoECwIAMF4hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022ea-52faddc079b7107004e8cfea;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MOgI0aopvRaUSJ-YFH6QFNpGxhUNlpnLk7VeCeOsmcrGTUYIESN2Hg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:04:24 GMT
age: 6990
etag: "92102d4c75d2c7efd8197be88e3cb467d2682190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11630 bytes)
Hash
b08a4dc42d2e08b2b18c9545ce9a2fdb
b688557ebba4b3c987275761e9a1f5993ad3d8a5
641402fb9282208b33877e4812cb9392b035dba85fcb3a344a2a1072d5a69f28

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11630
x-amzn-requestid: 3912e3f9-44a5-405c-9edb-d8409faa0b04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkUHUoIAMFzcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022e8-03e547e96b085d9e29a1852b;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vrf1axqufJTrf057F6nY_97NtiM_Wt0tZXpTGN42rvAOV7a4CPe1ig==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:12:02 GMT
age: 6532
etag: "b688557ebba4b3c987275761e9a1f5993ad3d8a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13230 bytes)
Hash
a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 7851
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8981 bytes)
Hash
714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixAMZh_xOYWVESJ0jOEPOXZ4GQBDUZZsh26yEDYfl8APcBF2x2sZYg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 7851
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11481 bytes)
Hash
f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIJ6iTpVC0gVV6Q0dd_-ZTWkwm3q0vP52N3088Rd7O9pb8D39XfnBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 7851
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kjw1868.com/webapp/css/pk10_Gary.css

172.67.194.236

200 OK

3.8 kB

URL HTTP/2
kjw1868.com/webapp/css/pk10_Gary.css
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (17227), with no line terminators
Size
3.8 kB (3845 bytes)
Hash
e60e7b72ab79a1faf01faaf647f53d80
a94771156e80f88a48d6bcc461923eb408b23c1b
a5e583f2327fafcbb2da61a4ce17f98f1ee6a7a0c437a963249fdbd35b2876bc

HTTP Headers

GET /webapp/css/pk10_Gary.css HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 14:55:36 GMT
vary: Accept-Encoding
etag: W/"636a6de8-4353"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DDVdnoHC0eDqHMw1ABUmAfsphIer54PduQ61Xb7jMsIAVfd4lAJko1z6lASjPylkFMVdCovGqD6yk7dPgd3xt8l8fmt5CCD0FyW9aE6emojnZAdF2Xf1pcwJZaxrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae89a2b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/css/pk10.css

172.67.194.236

200 OK

6.3 kB

URL HTTP/2
kjw1868.com/webapp/css/pk10.css
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
6.3 kB (6281 bytes)
Hash
48ea1041bd08845f1c5939c4d2342392
f32f6dccb016a1859e8a7d12c393aa07d432b496
fa5c4c467a414f0e8633793e21fd71306198d2096dc1f3c0603f2d29ad365f1d

HTTP Headers

GET /webapp/css/pk10.css HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 14:55:36 GMT
vary: Accept-Encoding
etag: W/"636a6de8-53fc"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLSXMiJvy20e7QPdH6a6OGIvZwuSFBSTy3jNIOtf2Z3iFWaBBJszQkh7QcSAa6g80L9QfTObGLxIGNBCTN9iJkBjNKjzsIOPcpg9AnXLdiUqbuKEAuoq9pQXPPb4qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae799db52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/css/public.css

172.67.194.236

200 OK

33 kB

URL HTTP/2
kjw1868.com/webapp/css/public.css
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
33 kB (33131 bytes)
Hash
a29f58479132433fa8150ceacbefd5c2
d9396822809ff969180a4e7aeac2a27b6f372b4c
82e2e2bc8a4de6690c91bd9cbebd6e0e53b7cac8d6632ba0363c2a4eb7a6d785

HTTP Headers

GET /webapp/css/public.css HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 09:59:10 GMT
vary: Accept-Encoding
etag: W/"63a2d8ee-59ac"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zg25L%2Bk%2FflwDdP4n2H1BiLDC6EZnm7oRF3xpBgrhnx0nJredP9qa%2FT814cYfrDXcZvI5tcs4lqUsxRAAme8%2BIbwsY9tmgQU9yuMei%2B5P7dD8c7JRKpCtx1b5ytWp8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae89a7b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

collect-v6.51.la/v6/collect?dt=4

103.143.19.103

200

0 B

URL HTTP/1.1
collect-v6.51.la/v6/collect?dt=4
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 386
Origin: http://www.813856.com
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 
Server: CloudWAF
Date: Mon, 06 Feb 2023 00:00:55 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=3c6527755df29a539f4; path=/
HWWAFSESTIME=1675641652789; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.813856.com
Access-Control-Allow-Credentials: true

collect-v6.51.la/v6/collect?dt=4

103.143.19.103

200

0 B

URL HTTP/1.1
collect-v6.51.la/v6/collect?dt=4
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 383
Origin: http://www.813856.com
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 
Server: CloudWAF
Date: Mon, 06 Feb 2023 00:00:55 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=75f6eb4dc3c4019d8b2; path=/
HWWAFSESTIME=1675641651965; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.813856.com
Access-Control-Allow-Credentials: true

push.zhanzhang.baidu.com/push.js

180.101.212.103

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
180.101.212.103:0
ASN
#134770 CHINANET Jiangsu province Suzhou taihu IDC network

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 06 Feb 2023 00:00:57 GMT
Etag: "4078521116"
Expires: Tue, 06 Feb 2024 00:00:57 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=02B3093020350DE2E9EBA218748A2ED5:FG=1; max-age=31536000; expires=Tue, 06-Feb-24 00:00:57 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

api.share.baidu.com/s.gif?l=http://www.813856.com/

180.101.212.103

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://www.813856.com/
IP
180.101.212.103:0
ASN
#134770 CHINANET Jiangsu province Suzhou taihu IDC network

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.813856.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.813856.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 06 Feb 2023 00:00:58 GMT

kjw1868.com/webapp/js/lib/iscroll.js

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/js/lib/iscroll.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webapp/js/lib/iscroll.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:55:38 GMT
vary: Accept-Encoding
etag: W/"636a6dea-4db3"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYU7KUzpSFbYyzmkQpCN7aMq1m1jgZfmyUEEE5jwcYAbwf392Ok45RlIVL8JILoTdE8JmMN7CM2qXs0JkciFpkQpRmtIlmmaJClNQwsyBLhSYqOrFLtZ9Y8XKgZCgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae99b9b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/js/lib/jquery.async.js

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/js/lib/jquery.async.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webapp/js/lib/jquery.async.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:55:38 GMT
etag: W/"636a6dea-386"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcipKE3jTGqKuIw0p05V8yw9p8WfsJU9%2Fir9dAJpHzO86qdnv8L%2Fl69N0BoHCPP5ulDSbszraU8J1G0YF19LLqOEgi2rihQn16oUZdxlv05rww2H6Mxhu5THF7ZEhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae89b1b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.api68.com/pks/getPksHistoryList.do?date=&lotCode=10037

172.64.135.18

200 OK

0 B

URL HTTP/2
api.api68.com/pks/getPksHistoryList.do?date=&lotCode=10037
IP
172.64.135.18:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pks/getPksHistoryList.do?date=&lotCode=10037 HTTP/1.1
Host: api.api68.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kjw1868.com
Connection: keep-alive
Referer: https://kjw1868.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://kjw1868.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hx0IkgHaJvkKa29UFoc6zUgJzE90jjAlV7U0CB9uDA6WTy%2FySikmB7F%2BkCiL3jz8U206GB2w30eGARCNJ5cwLgxoc6IJW9GyC%2FC5uZQ%2B7YdhkqkXvkmvR10tlys2B%2Fl3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794f9bb3fd7324ea-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/js/local/pk10/index.js

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/js/local/pk10/index.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webapp/js/local/pk10/index.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:55:44 GMT
vary: Accept-Encoding
etag: W/"636a6df0-15b83"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbSvy39LU3AjKh1Fl1V5bk0LS0lyfb8AUtTr7Xx1wpSYiMNZ7JWU1vcviOLL2KLxDZqSukFN8PYD84chqX7jG63usfHOJKdP7JdvfyGOqc0JALDHuZRL59Oom9uA2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae99c0b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/js/lib/config.js

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/js/lib/config.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webapp/js/lib/config.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 14:14:38 GMT
vary: Accept-Encoding
etag: W/"63a314ce-236b"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A2Bk9TeddcGhL1u2ylSm6W%2FQHC%2FAA6l3L6ZA8zUYnFDBWj3Oy229EZo3gVLSNtnDsivxHl4D9%2BfPL481D24sfx7xfurh9Vit2boAX7QfzYbNE5y30fF%2FKq8f2YMVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae99beb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/js/local/pk10/head_jisusaiche.js

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/js/local/pk10/head_jisusaiche.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webapp/js/local/pk10/head_jisusaiche.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:55:44 GMT
etag: W/"636a6df0-12f"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HfNFWRhoEWbRKb7MXTrYsceD1LXzlHS4b1505oRN9IahIKe2Y1zBKv00P6vSFgl2uG1qUh%2FP9Iq4oXfRoVya0X5zPe2x9lXH6EbV2IUwb6pJ7QknvbdhnpytuoZGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae99c1b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/js/lib/drawLines.js

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/js/lib/drawLines.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webapp/js/lib/drawLines.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:55:38 GMT
vary: Accept-Encoding
etag: W/"636a6dea-613b"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2Bw8Abj45sxoyppiynbvrxLyQNqmU4Pe3HOIx5KPvOJphH9PsHVBQALHgZGzSQ3BLw%2FfPjErI3XUTdlttCYp38rVuT9S2DbVta0vtDY62RsA2gp1FU7YynZrpiYEAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae89b2b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.api68.com/pks/getPksDoubleCount.do?date=&lotCode=10037

172.64.135.18

200 OK

0 B

URL HTTP/2
api.api68.com/pks/getPksDoubleCount.do?date=&lotCode=10037
IP
172.64.135.18:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pks/getPksDoubleCount.do?date=&lotCode=10037 HTTP/1.1
Host: api.api68.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kjw1868.com
Connection: keep-alive
Referer: https://kjw1868.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:55 GMT
content-type: text/html;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://kjw1868.com
vary: Origin
access-control-expose-headers: Set-Cookie
content-disposition: inline;filename=f.txt
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGEVTzgL6usiEBl%2FU1rqzeKcLwrY%2FEav0BbKg%2FexyV7a3K%2BLxmmOW3b2mLQ4vtDTUTxQWcwPR5bQ5xaqt1PF9ASjOBtjBCUehM8wN1Ywu%2FMbMPiQHJjawHGAM%2FvYUAcw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794f9bba4b4224ea-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/css/common.css

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/css/common.css
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webapp/css/common.css HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: text/css
last-modified: Tue, 20 Dec 2022 14:00:50 GMT
vary: Accept-Encoding
etag: W/"63a1c012-f71"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0KxmoSLVUZLo9Z%2B9dIP%2B5kWy%2BUrC3wporXMpXV1zUnmqZq8IF%2Fab6cLPf44qCz7Ro%2Fzd8kIaANU48%2F0CLUHLLckD1mu7bNczvNKsXMEW71iLOAIDPYC7tS6rcistw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae89a4b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/js/lib/pk10BaseTrend.js

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/js/lib/pk10BaseTrend.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webapp/js/lib/pk10BaseTrend.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:55:38 GMT
vary: Accept-Encoding
etag: W/"636a6dea-1a2d"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0PQRgIO3jExiI2pwMQLVGx6meSAOx3CkRT7n6bE2gnr1rgspe8%2BAKd5L5EmfBD3VZg%2FqI0hRjemTNxNlyFd6nZJ%2FK0FPft4yUqA1Tw%2Fa1ZF15yVxS7wEM0VsjAAdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae99b6b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kjw1868.com/webapp/js/lib/date.js

172.67.194.236

200 OK

0 B

URL HTTP/2
kjw1868.com/webapp/js/lib/date.js
IP
172.67.194.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webapp/js/lib/date.js HTTP/1.1
Host: kjw1868.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kjw1868.com/webapp/html/jisusaiche/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:00:54 GMT
content-type: application/javascript
last-modified: Tue, 08 Nov 2022 14:55:38 GMT
vary: Accept-Encoding
etag: W/"636a6dea-1edd"
expires: Mon, 06 Feb 2023 12:00:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhshU9QlL71vHR1dROqbllHp1N3RO3tfcsyDfAb5gyNFiUQZlaDweEcT6l22mYpeeT8iak1JO54pDxgi2TTqV%2FClUOjrqFZZS2BcTspPZopQtzO9o2UR9E0oKjsxdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794f9bae99b7b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML