Report - cc.chitubox.com/login?callback=sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install

Report Overview

Submitted URL
cc.chitubox.com/login?callback=sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
IP
47.246.44.209
ASN
#24429 Zhejiang Taobao Network Co.,Ltd
Submitted
2022-12-04 03:16:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
mccdn.me	36435	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	106 kB	172.67.72.108
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	840 B	1.9 kB	142.250.74.66
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	603 B	710 B	108.177.14.157
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	8.7 kB	157.240.240.35
chitubox-web-tracking-sz.cn-shenzhen.log.aliyuncs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	501 B	282 B	112.74.122.51
status.geotrust.com	3662	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.186.209.73
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	766 B	123 kB	142.250.74.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	21 kB	142.250.74.46
socialplugin.facebook.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	524 B	1.3 kB	31.13.72.8
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	823 B	562 B	216.239.32.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
manychat.com	31945	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	11 kB	18.185.191.84
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	694 B	142.250.74.163
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	1.9 kB	104.18.21.226
fis.cbd-3d.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	23 kB	47.246.44.209
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	184 kB	31.13.72.12
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
sac.chitubox.com	968274	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	838 B	289 B	47.254.47.204
cms.chitubox.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	275 B	47.254.47.204
cc.chitubox.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	1.5 MB	47.246.44.209
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.3 kB	172.64.155.188
aeis.alicdn.com	23225	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	69 kB	184.30.29.156
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	76 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.8 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed
2022-12-04	medium	chitubox.com	Sinkholed

JavaScript (18)

	URL	Size	First Seen	Last Seen
	cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe	165 B	2023-03-08	2023-03-12
Pretty URL cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe IP 47.246.44.209 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-12 23:56:29 Times Seen1 Hash fee32f24735be77c128e57515512c6e9 df369259091429d8003fd6868879aad97474f827 7cb5ae0862719914da801e01d654e45b1b988afb7180f7d1ed4014ac7c365936 Loading...

	cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe	223 B	2023-03-08	2023-03-12
Pretty URL cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe IP 47.246.44.209 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-12 23:56:29 Times Seen1 Hash b5e72ec5ecdf35b30b27aba8105dc597 3bbbca5c0d81ce9c6549fe3bf91a32bcef9f2abf 62262dfb01bda2357541256881af36dddc12accbe840e86c35b96338d18153ba Loading...

	www.googletagmanager.com/gtag/js?id=AW-10973682359	198 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-10973682359 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-08 15:47:25 Times Seen1 Hash 8fba6372bed15a579ad6aabb4ac3db37 b149e1db2f8c0dad2a268cf13ce14950e8b30e12 e933412b9b52eb73fbc4e7518a0093e1979d0ef1641d7a0bb304817b20c82734 Loading...

	cc.chitubox.com/1-es2015.ef9b69d7d0a5110b9d35.js	143 kB	2023-03-08	2023-03-12
Pretty URL cc.chitubox.com/1-es2015.ef9b69d7d0a5110b9d35.js IP 47.246.44.209 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-12 23:56:30 Times Seen1 Hash 0ffed434adc1a74ec8c22c8ca3855b39 afacfae62361661893a33d486c4f5988d7451431 fbf0c14447ff5f05a72240c0ce58d0759fbf5f2e3ea6127464625739c20f35ae Loading...

	cc.chitubox.com/3-es2015.49268b9fc2cd02084b06.js	104 kB	2023-03-08	2023-03-08
Pretty URL cc.chitubox.com/3-es2015.49268b9fc2cd02084b06.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-08 15:47:25 Times Seen1 Hash c616e68777afd126f801e0af4e0c79c2 adb60ce5890b76c41b43da0eedc8679269a25b79 af994f53cebca5bf0841b6ef2d49c74436a09077bac03d56a4bf12774962aa9c Loading...

	cc.chitubox.com/runtime-es2015.041759085d3e9482cd6e.js	2.5 kB	2023-03-08	2023-03-08
Pretty URL cc.chitubox.com/runtime-es2015.041759085d3e9482cd6e.js IP 47.246.44.209 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-08 15:47:25 Times Seen1 Hash 04dcd4ab146db2c1f7b84649de25841b f0d1b62d1854976c6808c7d8da362b6912d016b6 3cc1b4b06a7d1f31cea578fad3cf973abdc893e0a87ed493a0bdfb0970a67645 Loading...

	aeis.alicdn.com/sd/ncpc/nc.js?t=20200808	221 kB	2023-03-08	2023-08-15
Pretty URL aeis.alicdn.com/sd/ncpc/nc.js?t=20200808 IP 184.30.29.156 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-08-15 10:40:10 Times Seen78 Hash d149cc057684148ace46ff3f09a4eca2 65cd913b9906450ea16dd81adddf9f4948479600 5690dd327227897442dcc16e2c02add1bf47d2d805aea66baff0a69dace96093 Loading...

	widget.manychat.com/110698050301469.js	1.5 kB	2023-03-08	2023-03-12
Pretty URL widget.manychat.com/110698050301469.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-12 23:56:29 Times Seen1 Hash a826f2cb2657c6b18a841b87d288875a e4805913a37fae69aefc45f28c99154aa70bba79 99e8a1ebe66e427c79eafad465752d273060f2cf9c01e755d2f5549d974fa913 Loading...

	cc.chitubox.com/11-es2015.2a93466d2edb3b0c87f2.js	1.8 kB	2023-03-08	2023-03-08
Pretty URL cc.chitubox.com/11-es2015.2a93466d2edb3b0c87f2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-08 15:47:25 Times Seen1 Hash 1ec9d0d61f6d4d9109f5d5e766e50ae6 6b6477f8e93df653b00c37948aa0298c701241ab 07a9a8fa5ce8c978f546a18ea3f83ed7ca198666ac3736c4c4a115ab0813f2f7 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe	357 B	2023-03-07	2023-03-12
Pretty URL cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe IP 47.246.44.209 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:07 Last Seen2023-03-12 23:56:29 Times Seen1 Hash 1e342bb18f8ec6e8b82f59e06f3d0b1e 74827f5c504c8154075d07465778d5ea54a79d7f a3b2629950d7a270f02d93e2f9d53aeaf6b81b967c8c95146f5116f0f26a824a Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P3GPWJM	143 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P3GPWJM IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-08 15:47:25 Times Seen1 Hash 5afa6af4220dc1d7b7c161712b6e6094 3a5a41f30720976cd7c9755c283f1b4425a56383 2202dafc192510527f2669ed184b9afa78babadd46ff6b1072273f8e34c40ccb Loading...

	www.googletagmanager.com/gtag/js?id=G-VT08P6LCX3&l=dataLayer&cx=c	230 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-VT08P6LCX3&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-08 15:47:25 Times Seen1 Hash af780ec1a34c5f621f4a2b3238c3b83f e8e2e3c7dba38a93a4ed33518c3517cd68f5ecaa c8ada5ad7dbc12769a41e3d5e7832fbc9f42eb55b425e2867daff05c99ee6a4b Loading...

	connect.facebook.net/en_US/sdk.js	3.1 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/sdk.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-08 15:47:25 Times Seen1 Hash c4e18962ed56ff7eaec8d0fb9629ed71 d1c8c9cfd377320c7e792af05ad7aada6d399a13 f7fb7c432c7877c94c8ba9a646a2819a824a3b9c421d40ee93ee4459547939bc Loading...

	cc.chitubox.com/polyfills-es2015.f955ee086c41edabf52d.js	37 kB	2023-03-08	2023-05-03
Pretty URL cc.chitubox.com/polyfills-es2015.f955ee086c41edabf52d.js IP 47.246.44.209 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-05-03 11:29:22 Times Seen3 Hash ffcd4dd7684e0bcb41aa39c9a62c68ca b4399849d3177220f44ca3b2fadb7b626e331a2e 51c7afad855cd0d219558feb41a91b974ea0e8b2322411307c9c5eb5cc62a14f Loading...

	mccdn.me/assets/js/widget.js	365 kB	2023-03-08	2023-03-08
Pretty URL mccdn.me/assets/js/widget.js IP 172.67.72.108 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:32:25 Last Seen2023-03-08 15:47:25 Times Seen1 Hash f20b956fb3df58ab5a21b3cfc3682b73 e6b1bf3f1f5b3609c170b7fbfc7c826e4d643f80 d8a817508118db174438fb8bf483a078859e276510ce690ccec027bd15418213 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 08:56:13 Times Seen37035375 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/10973682359/?random=1670122817881&cv=11&fst=1670122817881&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&tiba=CHITUBOX%20Customer%20Center&auid=1294913482.1670122818&data=event%3Dgtag.config&rfmt=3&fmt=4	2.2 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/10973682359/?random=1670122817881&cv=11&fst=1670122817881&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&tiba=CHITUBOX%20Customer%20Center&auid=1294913482.1670122818&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:25 Last Seen2023-03-08 15:47:25 Times Seen1 Hash 8a94ce98a527f0e51fb46b112a360bbf a4ec8f8dce7cf4d843597a86dd76cd64253b4345 46e2cc80a5347f6b2a660c5fe35833310c77bcc3d05aa8811620151b1be0c1d0 Loading...

HTTP Transactions (91)

URL IP Response Size

cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe

47.246.44.209

301 Moved Permanently

262 B

URL HTTP/1.1
cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
262 B (262 bytes)
Hash
72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 04 Dec 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Via: cache8.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9c16701228150968210e

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8099
Expires: Sun, 04 Dec 2022 05:15:14 GMT
Date: Sun, 04 Dec 2022 03:00:15 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4091
Cache-Control: max-age=117548
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:15 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:39:23 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7693
Expires: Sun, 04 Dec 2022 05:08:28 GMT
Date: Sun, 04 Dec 2022 03:00:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 02:20:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2413
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: kumnunDAFQhf46uRxE8glvpG6yCcymhKsohgt98fHxgWyENuzlXTDyv0BYS2tA06ninwvznwk5c=
x-amz-request-id: YPR4FARR0RVYJP3Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 02:46:48 GMT
age: 807
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
142545664fea0a43ce1a1ba8ae855fad
734946e19b1007ced374861e7bbecc1cc4aa63b3
7a35aff0e6a7b4c3061b118f91dac5ccbcdb1cb40cb4d59790ef4c4f3f9c087a

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1692
Cache-Control: max-age=165513
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:15 GMT
Etag: "638bea2c-1d7"
Expires: Tue, 06 Dec 2022 00:58:48 GMT
Last-Modified: Sun, 04 Dec 2022 00:30:36 GMT
Server: ECS (amb/6B72)
X-Cache: HIT
Content-Length: 471

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 03:00:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 02:11:19 GMT
cache-control: public,max-age=3600
age: 2936
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4085
Cache-Control: max-age=112481
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:15 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:14:56 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.186.209.73

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.209.73:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gD8PHSur5KEQsT61EZc1XQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Jdd0vvS1QrajEVA3WjYbUZNEvlI=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2933
Expires: Sun, 04 Dec 2022 03:49:10 GMT
Date: Sun, 04 Dec 2022 03:00:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2933
Expires: Sun, 04 Dec 2022 03:49:10 GMT
Date: Sun, 04 Dec 2022 03:00:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2933
Expires: Sun, 04 Dec 2022 03:49:10 GMT
Date: Sun, 04 Dec 2022 03:00:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11482 bytes)
Hash
1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UZ5kblxfN8fkp55YeSpUA55GzDxZgsLpFZrYTsdJBihf53HLCN0hTA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:17:35 GMT
age: 16962
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 18635
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8cb98e4-6956-416c-82e2-269c1c3a9ea7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9447 bytes)
Hash
95358bd2d700ee56273f5c03bb1b0ec9
3382013402b80585d811e8df916e32c055e559b7
9bdcf882b96fbbac533a799269480cc1af0e1dd891854939e1500adf2a5d1c10

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8cb98e4-6956-416c-82e2-269c1c3a9ea7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9447
x-amzn-requestid: 7f33035c-70b3-4efd-9bbe-0975847cb21a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltmLExfoAMFwYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f4-20c26c902a341f7a00b62316;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PpTFuHAWhFD1MhQGFZWYpenveUsGPtRE3GkL0Dy1mSFh-EeDcUKa_w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:16:34 GMT
age: 17023
etag: "3382013402b80585d811e8df916e32c055e559b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16143 bytes)
Hash
14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:43:43 GMT
age: 69394
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7503 bytes)
Hash
c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: b096d14d-15bf-4d18-9930-5fffe561a40b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZwuFMcoAMFbTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a337-1d3c4759652c0b314f458aa8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:03:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3jrjQkv2nL9y5cmo5g30an3DJE0wiK2ifHwkukMztymsg6nDnXWOJw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:23:19 GMT
age: 70618
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10431 bytes)
Hash
2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 18791
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
7563cd42e3c5ccc65e7249e1edc2beba
d2e1b5ed97b7a6d19185364397e424cee105cd22
7dd66ae25d6ae1b33e639ee37e82f69f51d5ab7df4f99b7953f54580100d743c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3148
Cache-Control: max-age=152238
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:19 GMT
Etag: "638bb0a5-118"
Expires: Mon, 05 Dec 2022 21:17:37 GMT
Last-Modified: Sat, 03 Dec 2022 20:25:09 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=AW-10973682359

142.250.74.168

200 OK

71 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-10973682359
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (9889)
Size
71 kB (70773 bytes)
Hash
b39b7bd3edea061ffea7a09d21c144c0
f34a554317c1a2ea21f1fddd1357aa1ef18c0c76
f834020533c88f4338bc38c848fc619cb6a3594a682daa3210950daae4b9858a

HTTP Headers

GET /gtag/js?id=AW-10973682359 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 03:00:19 GMT
expires: Sun, 04 Dec 2022 03:00:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-P3GPWJM

142.250.74.168

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P3GPWJM
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (10798)
Size
51 kB (51212 bytes)
Hash
0454c07da6b19801acf9da99d7db53a3
96972e43012f9757c1ae03ad58a6de117f3e0d30
73690f1ac3d7c7c76bcb2d27796d785edb6e19a5aa2368ef24e47f208a353fe3

HTTP Headers

GET /gtm.js?id=GTM-P3GPWJM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 03:00:19 GMT
expires: Sun, 04 Dec 2022 03:00:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mccdn.me/assets/js/widget.js

172.67.72.108

200 OK

105 kB

URL HTTP/2
mccdn.me/assets/js/widget.js
IP
172.67.72.108:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
105 kB (104731 bytes)
Hash
e9072227a0d070266164081852ae1433
ff8c5ef57a2fdf56786e9420f2896adee5cd7352
41ed4866ec0433c08d598dd9431907218f0e9ebf6e73d2625f2d3e9d3d57a543

HTTP Headers

GET /assets/js/widget.js HTTP/1.1
Host: mccdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 03:00:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 03 Dec 2022 07:16:36 GMT
etag: W/"638af7d4-592a1"
access-control-allow-origin: https://manychat.com
timing-allow-origin: *
cache-control: public, max-age=7200
cf-cache-status: HIT
age: 5829
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmZdJeFAckUQ80lPeWEZ2sv2w8ycwrXog3nJHZFgMm1Y2e2Bfbp%2FQos%2BI%2FkI%2FGHHqHybK%2BzHaZQ8%2F51CKmtmoCNXuS%2Bqtg2MXDug8l4gCgyZ4bcjJkrg1J%2Fo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77414a887a32b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

281 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
281 B (281 bytes)
Hash
83c1cfde6a334befd4fc063745c6281f
83d2051d351c417ae9a0388f87029e81a8da2ce7
7d6719b3dd1480146ce86ed878c68fff1ff0813051aa88b037f80602cf7034e0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 03:00:20 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 10:12:24 GMT
Expires: Fri, 09 Dec 2022 10:12:23 GMT
Etag: "83d2051d351c417ae9a0388f87029e81a8da2ce7"
Cache-Control: max-age=457322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77414a88ac7fb4ff-OSL

aeis.alicdn.com/sd/ncpc/nc.js?t=20200808

184.30.29.156

200 OK

68 kB

URL HTTP/2
aeis.alicdn.com/sd/ncpc/nc.js?t=20200808
IP
184.30.29.156:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32041)
Size
68 kB (68528 bytes)
Hash
526dfb228e3dd7fa5e6f710dd8311df9
7a34728c235ef775827f7aef6c5402b7a049d2fe
1379a29e0395ed1376910e050e8fb112a4ea0d5948d6e0cb1d4855909fb0e0c7

HTTP Headers

GET /sd/ncpc/nc.js?t=20200808 HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 68528
x-oss-request-id: 638BFFB008AC1934390A026E
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1896631701240726225
x-oss-storage-class: Standard
content-md5: 0UnMBXaEFIrORv8/CaTsog==
x-oss-server-time: 4
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1670119345
x-swift-savetime: Sun, 04 Dec 2022 02:02:51 GMT
x-swift-cachetime: 3574
eagleid: 2ff62c9616701193716633256e
served-from: 104.123.68.223
cache-control: max-age=134, s-maxage=3600
expires: Sun, 04 Dec 2022 03:02:34 GMT
date: Sun, 04 Dec 2022 03:00:20 GMT
vary: Accept-Encoding
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 184.30.29.156
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

280 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
280 B (280 bytes)
Hash
2735c6eeb6a265bbd4ba01062f0247c0
d73861e18da9967b4f915a241d941d5fe8945bc6
bb2ce78e617c40df6f216571e45d42a174084fdc12e606dba5b751b62852c98c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 03:00:20 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 06:19:30 GMT
Expires: Sat, 10 Dec 2022 06:19:29 GMT
Etag: "d73861e18da9967b4f915a241d941d5fe8945bc6"
Cache-Control: max-age=529748,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77414a8c0cceb50c-OSL

manychat.com/pixel/logEvent

18.185.191.84

204 No Content

0 B

URL HTTP/2
manychat.com/pixel/logEvent
IP
18.185.191.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pixel/logEvent HTTP/1.1
Host: manychat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cc.chitubox.com/
Origin: https://cc.chitubox.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: openresty/1.21.4.1
date: Sun, 04 Dec 2022 03:00:20 GMT
access-control-allow-origin: https://cc.chitubox.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

280 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
280 B (280 bytes)
Hash
2735c6eeb6a265bbd4ba01062f0247c0
d73861e18da9967b4f915a241d941d5fe8945bc6
bb2ce78e617c40df6f216571e45d42a174084fdc12e606dba5b751b62852c98c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 03:00:20 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 06:19:30 GMT
Expires: Sat, 10 Dec 2022 06:19:29 GMT
Etag: "d73861e18da9967b4f915a241d941d5fe8945bc6"
Cache-Control: max-age=529748,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77414a8c0df7b4ff-OSL

cc.chitubox.com/favicon.ico

47.246.44.209

200 OK

2.8 kB

URL HTTP/2
cc.chitubox.com/favicon.ico
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2840 bytes)
Hash
d456ba3d8107e26f379069e0d1466512
ddd7dffcb856bfd36f0ee4ba5001078c98504a8b
16d5046af4553cf81a8386e2696adffcc1e9b23945dc15fc000047fef5981ff2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.1.432596966.1670122819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/x-icon
content-length: 2840
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: "6389995a-b18"
accept-ranges: bytes
ali-swift-global-savetime: 1670119602
via: cache5.l2de2[0,0,304-0,H], cache4.l2de2[2,0], cache1.se1[24,24,200-0,H], cache5.se1[26,0]
age: 3219
x-cache: HIT TCP_REFRESH_HIT dirn:4:171967290
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228210354762e
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6122
Cache-Control: max-age=149832
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:37:33 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 02:46:55 GMT
expires: Sun, 04 Dec 2022 04:46:55 GMT
cache-control: public, max-age=7200
age: 806
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/en_US/sdk.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1686 bytes)
Hash
b70f1729407bfb6613436028eac62f09
92c1012d893b96a85491199ace9c42e1a3b1fec4
18b84026dae418a4f3fd11c59f06d0d09ffb4cb93ff3a2f2c638adeadfe43a3c

HTTP Headers

GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c4e18962ed56ff7eaec8d0fb9629ed71
etag: "85d0a87b8e8ae354a94223d385583da0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 04 Dec 2022 03:18:58 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: tw8XKUB7+2YTQ2Ao6sYvCQ==
x-fb-debug: FUFh4riMZOEXdzs01pDed5Wi83b5ffS6o6cmx9TT6Xtl3i6ktNZxrZQw5HHiPbGGWXYy5hMiqOwZJkuIKbx6qQ==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Sun, 04 Dec 2022 03:00:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/sdk/xfbml.customerchat.js

31.13.72.12

200 OK

92 kB

URL HTTP/2
connect.facebook.net/en_US/sdk/xfbml.customerchat.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (20829)
Size
92 kB (92387 bytes)
Hash
c503079183117ec5b74901c88db9e961
dd42437347a6c692b6d8ee44ff3d6b506a7dee21
7384f42aa1a20c95de64551781a8da7288804235a734943e2a57bfdd5a1d4165

HTTP Headers

GET /en_US/sdk/xfbml.customerchat.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 565196ee90ffeed4b95f5636f493927d
etag: "8000f16bb5e9f71e887bb4ffa019b953"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 04 Dec 2022 03:17:28 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: xQMHkYMRfsW3SQHIjbnpYQ==
x-fb-debug: Q83Js2Rq9yh5sUHEMr9/VG3Hvm9tw953d1dVjzkktdbvRUJeAiKmpQlo4nJxDe6TTpXBTQ1p9+MPJeEIXmaLTA==
content-length: 92387
x-fb-trip-id: 1904183273
date: Sun, 04 Dec 2022 03:00:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&a=1827704936&t=pageview&_s=1&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&ul=en-us&de=UTF-8&dt=CHITUBOX%20Customer%20Center&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=972663099&gjid=204292919&cid=432596966.1670122819&tid=UA-211432644-1&_gid=403868981.1670122819&_r=1&gtm=2wgbu0P3GPWJM&z=1662698601

142.250.74.46

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1827704936&t=pageview&_s=1&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&ul=en-us&de=UTF-8&dt=CHITUBOX%20Customer%20Center&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=972663099&gjid=204292919&cid=432596966.1670122819&tid=UA-211432644-1&_gid=403868981.1670122819&_r=1&gtm=2wgbu0P3GPWJM&z=1662698601
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j98&a=1827704936&t=pageview&_s=1&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&ul=en-us&de=UTF-8&dt=CHITUBOX%20Customer%20Center&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=972663099&gjid=204292919&cid=432596966.1670122819&tid=UA-211432644-1&_gid=403868981.1670122819&_r=1&gtm=2wgbu0P3GPWJM&z=1662698601 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://cc.chitubox.com
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/10973682359/?random=1670122817881&cv=11&fst=1670122817881&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&tiba=CHITUBOX%20Customer%20Center&auid=1294913482.1670122818&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.66

200 OK

960 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10973682359/?random=1670122817881&cv=11&fst=1670122817881&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&tiba=CHITUBOX%20Customer%20Center&auid=1294913482.1670122818&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2191), with no line terminators
Size
960 B (960 bytes)
Hash
6fab4de1aa8836ff95a2895cf8231709
9ecae954363a0cc9701a91e924352a4dc40040ad
83160a685c1de61706c3fde708e75278377f1286fa9fb3ad9d17debd155fbccc

HTTP Headers

GET /pagead/viewthroughconversion/10973682359/?random=1670122817881&cv=11&fst=1670122817881&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&tiba=CHITUBOX%20Customer%20Center&auid=1294913482.1670122818&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 960
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 03:15:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6122
Cache-Control: max-age=149832
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:37:33 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VT08P6LCX3&cid=432596966.1670122819&gtm=2oebu0&aip=1&z=1609794782

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VT08P6LCX3&cid=432596966.1670122819&gtm=2oebu0&aip=1&z=1609794782
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VT08P6LCX3&cid=432596966.1670122819&gtm=2oebu0&aip=1&z=1609794782 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-211432644-1&cid=432596966.1670122819&jid=972663099&gjid=204292919&_gid=403868981.1670122819&_u=YADAAEAAAAAAACAAI~&z=730897997

108.177.14.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-211432644-1&cid=432596966.1670122819&jid=972663099&gjid=204292919&_gid=403868981.1670122819&_u=YADAAEAAAAAAACAAI~&z=730897997
IP
108.177.14.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-211432644-1&cid=432596966.1670122819&jid=972663099&gjid=204292919&_gid=403868981.1670122819&_u=YADAAEAAAAAAACAAI~&z=730897997 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://cc.chitubox.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-VT08P6LCX3&gtm=2oebu0&_p=1827704936&_gaz=1&cid=432596966.1670122819&ul=en-us&sr=1280x1024&_s=1&sid=1670122818&sct=1&seg=0&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&dt=CHITUBOX%20Customer%20Center&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-VT08P6LCX3&gtm=2oebu0&_p=1827704936&_gaz=1&cid=432596966.1670122819&ul=en-us&sr=1280x1024&_s=1&sid=1670122818&sct=1&seg=0&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&dt=CHITUBOX%20Customer%20Center&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VT08P6LCX3&gtm=2oebu0&_p=1827704936&_gaz=1&cid=432596966.1670122819&ul=en-us&sr=1280x1024&_s=1&sid=1670122818&sct=1&seg=0&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&dt=CHITUBOX%20Customer%20Center&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://cc.chitubox.com
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/plugins/customer_chat/SDK/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&event_name=chat_plugin_sdk_facade_create&greeting_dialog_display=show&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF

157.240.240.35

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/customer_chat/SDK/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&event_name=chat_plugin_sdk_facade_create&greeting_dialog_display=show&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF
IP
157.240.240.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/customer_chat/SDK/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&event_name=chat_plugin_sdk_facade_create&greeting_dialog_display=show&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://cc.chitubox.com
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: cOT16dWaLgMEU1pIXvxuf+SQ0Sdlu/DxSVA6FNy7MX21Ao314kDkH7jr7YrHt6BiEQ7eXkzlTEjP9cgwTqVSsg==
content-length: 0
date: Sun, 04 Dec 2022 03:00:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.facebook.com/plugins/customer_chat/facade/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&greeting_dialog_display=show&is_loaded_by_facade=true&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF

157.240.240.35

200 OK

751 B

URL HTTP/2
www.facebook.com/plugins/customer_chat/facade/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&greeting_dialog_display=show&is_loaded_by_facade=true&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF
IP
157.240.240.35:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1298), with no line terminators
Size
751 B (751 bytes)
Hash
f240d52e06d17e7064ce350a3315979b
18592e58d65687953ea77f5b1cb7d9b74be3bdb8
09d9f677f8049b17536303b4ffe73a1f9f66b5db86ac9c743b269abe60d02eb2

HTTP Headers

GET /plugins/customer_chat/facade/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&greeting_dialog_display=show&is_loaded_by_facade=true&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://cc.chitubox.com
strict-transport-security: max-age=15552000; preload
x-fb-debug: aFiKkSdHo157NYSiVJoK8uOM+LLbm0AdTpRvSJBWF0LGA4hOe0JIvXnvcfg+4RgDmxB5VtlfhupoCnGxhkqxyg==
date: Sun, 04 Dec 2022 03:00:21 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/logo.png

47.246.44.209

200 OK

8.4 kB

URL HTTP/2
cc.chitubox.com/assets/img/logo.png
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 835 x 168, 8-bit/color RGBA, non-interlaced\012- data
Size
8.4 kB (8442 bytes)
Hash
dc1b44a5787581a2385c954b8d7fa1a9
ebdc9356b984234792e087f392e8627df58e2723
cef740539a557a071a656e72abc3ad1dde0c0dd14d6902ad821069ddc1ed47c2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/logo.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 8442
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-20fa"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache14.l2de2[0,0,304-0,H], cache15.l2de2[1,0], cache5.se1[22,21,200-0,H], cache5.se1[24,0]
age: 1152
x-cache: HIT TCP_REFRESH_HIT dirn:1:349461858
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219065063e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/login_top_logo.png

47.246.44.209

200 OK

6.0 kB

URL HTTP/2
cc.chitubox.com/assets/img/login_top_logo.png
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 145 x 145, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (6023 bytes)
Hash
d51da6d2fe5a7ac89098f24aea9557cc
3ae0e8e8c47ea5d1752b8afe31fa248c312cf852
41f7b5164757ae57c53f7ebd12ce25bcf4733c526e8a81ae23f6dac6168defff

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/login_top_logo.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 6023
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-1787"
accept-ranges: bytes
ali-swift-global-savetime: 1670119602
via: cache4.l2de2[0,0,304-0,H], cache5.l2de2[2,0], cache3.se1[23,23,200-0,H], cache5.se1[25,0]
age: 3219
x-cache: HIT TCP_REFRESH_HIT dirn:11:439578655
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219105064e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/login/chitubox.png

47.246.44.209

200 OK

3.2 kB

URL HTTP/2
cc.chitubox.com/assets/img/login/chitubox.png
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 228 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3245 bytes)
Hash
67b691fde3681d80b157e548645cfcec
46ce201f5230dd099bf78dd8da2e91d9979d0e81
9383a3cbd182625279cd9222564c9d2958b80832421fb9b5b6c97caba508fa03

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/login/chitubox.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 3245
date: Sun, 04 Dec 2022 02:07:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-cad"
accept-ranges: bytes
ali-swift-global-savetime: 1670119625
via: cache8.l2de2[0,0,304-0,H], cache21.l2de2[1,0], cache3.se1[22,22,200-0,H], cache5.se1[24,0]
age: 3196
x-cache: HIT TCP_REFRESH_HIT dirn:2:421778724
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219345076e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/login/login-left.png

47.246.44.209

200 OK

179 kB

URL HTTP/2
cc.chitubox.com/assets/img/login/login-left.png
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 400 x 601, 8-bit/color RGBA, non-interlaced\012- data
Size
179 kB (178682 bytes)
Hash
5f5812b1130c8448fc536745f2298f6f
4ef421d0e5ba74705e452e6631733b182e960c05
b310733428235b5290327138303579bb7c82890915af7bbbad31eb0f8f24f9e0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/login/login-left.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 178682
date: Sun, 04 Dec 2022 02:07:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-2b9fa"
accept-ranges: bytes
ali-swift-global-savetime: 1670119625
via: cache6.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache4.se1[25,25,200-0,H], cache5.se1[27,0]
age: 3196
x-cache: HIT TCP_REFRESH_HIT dirn:11:108619793
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219345075e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/login/facebook-icon.svg

47.246.44.209

200 OK

425 B

URL HTTP/2
cc.chitubox.com/assets/img/login/facebook-icon.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (405), with no line terminators
Size
425 B (425 bytes)
Hash
7b354143354374625e1339d64076acdb
e70a167f1670ea416bb9b5a487fc03c4040cdbf6
f5cc534d42889826c91d3938ade6efb55e72ece37ab8444728fab01a627dc7ba

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/login/facebook-icon.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 425
date: Sun, 04 Dec 2022 02:07:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-1a9"
accept-ranges: bytes
ali-swift-global-savetime: 1670119625
via: cache15.l2de2[0,0,304-0,H], cache25.l2de2[0,0], cache5.se1[21,22,200-0,H], cache5.se1[23,0]
age: 3196
x-cache: HIT TCP_REFRESH_HIT dirn:4:350294826
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219515080e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav/nav_chitubox_pro.jpg

47.246.44.209

200 OK

37 kB

URL HTTP/2
cc.chitubox.com/assets/img/nav/nav_chitubox_pro.jpg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 292x166, components 3\012- data
Size
37 kB (37290 bytes)
Hash
4d5e2a3d41985508abb491bb1c3bb076
e642b6d3e871b0354364375867e3eea79c4ad3be
e347aa15041d506fa9609d7ca11900bf96331b8c1acb40e8f6452328677f23ec

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav/nav_chitubox_pro.jpg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 37290
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-91aa"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache12.l2de2[0,0,304-0,H], cache15.l2de2[0,0], cache5.se1[22,22,200-0,H], cache5.se1[23,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:4:350210842
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220325117e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav/nav_chitubox_free.png

47.246.44.209

200 OK

36 kB

URL HTTP/2
cc.chitubox.com/assets/img/nav/nav_chitubox_free.png
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 292 x 164, 8-bit/color RGB, non-interlaced\012- data
Size
36 kB (35715 bytes)
Hash
a77623dcab66faabd2e40bf6916b791f
c804311ceb7d2c2fcb0942d82cd3cbc31d93dfb1
2619bf502dd1e9dccd4987f329122fba82ea383776287452a76966114d9d18f2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav/nav_chitubox_free.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 35715
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-8b83"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache19.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache8.se1[23,23,200-0,H], cache5.se1[24,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:4:13843647
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220315116e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/login/google-icon.svg

47.246.44.209

200 OK

27 kB

URL HTTP/2
cc.chitubox.com/assets/img/login/google-icon.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
27 kB (26746 bytes)
Hash
1b7cb23ab820f8ea30a9b8defa038434
edaee5e78398c155aa1d16a4b5dda25431111e0f
e3b3be4597edc11e78446e3e6ccb8695e07e38dd5b3b226f7e7ff2c9b15645e2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/login/google-icon.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:07:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-707"
ali-swift-global-savetime: 1670119625
via: cache17.l2de2[0,0,304-0,H], cache8.l2de2[1,0], cache7.se1[23,23,200-0,H], cache5.se1[25,0]
age: 3196
x-cache: HIT TCP_REFRESH_HIT dirn:3:426502390
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219515081e
content-encoding: gzip
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav_chitubox_vs.jpg

47.246.44.209

200 OK

22 kB

URL HTTP/2
cc.chitubox.com/assets/img/nav_chitubox_vs.jpg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 294x169, components 3\012- data
Size
22 kB (22455 bytes)
Hash
a71625cd1ab871765ed9e8fd533d8165
21c20a1801b089a7b01e114fb2a50cebc0a8827e
782a58257677257bbfd9902a9e981526fb44332d5c3c06b5586cbc70672ed823

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav_chitubox_vs.jpg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 22455
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-57b7"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache3.se1[23,23,200-0,H], cache5.se1[25,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:1:406416973
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220425121e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/promotion/header-new-icon.png

47.246.44.209

200 OK

2.3 kB

URL HTTP/2
cc.chitubox.com/assets/img/promotion/header-new-icon.png
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 31 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2315 bytes)
Hash
fe4f56cf8b269a7d1ed30aa32b07d9ea
a4aea334b17513cf5723fb5174e7e56602b93dbc
5bc84a1eafe43566890d09e46cde618f80dce6779bf8dca990caa5d34308693a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/promotion/header-new-icon.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 2315
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-90b"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache5.l2de2[0,0,304-0,H], cache25.l2de2[1,0], cache7.se1[21,22,200-0,H], cache5.se1[23,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:11:430528758
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220535130e
X-Firefox-Spdy: h2

manychat.com/pixel/logEvent

18.185.191.84

200 OK

11 kB

URL HTTP/2
manychat.com/pixel/logEvent
IP
18.185.191.84:0
ASN
#16509 AMAZON-02

File type
data
Size
11 kB (10557 bytes)
Hash
9ad5ef5cf715b73b24d1ec0461385746
d3512f05c29a3dd1cff69a5871b4a3be522f4380
8504b1d0e89c85412954c7961106c18241dce4d6fb0c24ab3a569dbc0429612a

HTTP Headers

POST /pixel/logEvent HTTP/1.1
Host: manychat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 664
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 04 Dec 2022 03:00:20 GMT
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/icon.png?t=016

47.246.44.209

200 OK

41 kB

URL HTTP/2
cc.chitubox.com/assets/img/icon.png?t=016
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 512 x 466, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (41249 bytes)
Hash
b716df96cc1ef83873d0f2cf8c849b0b
ba8e82a82d0738816f4465d8fa7dcdf16c649467
ffe53153b2cf88210904338f3d1854ec359805f35d5bdc439efa94e7ba924c45

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/icon.png?t=016 HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/styles.103ede9607ea4095d692.css
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 41249
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-a121"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache3.l2de2[0,0,304-0,H], cache20.l2de2[0,0], cache3.se1[22,22,200-0,H], cache5.se1[24,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:2:421698657
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220975157e
X-Firefox-Spdy: h2

cc.chitubox.com/login-background.9f2e4781efb48cb29311.png

47.246.44.209

200 OK

958 kB

URL HTTP/2
cc.chitubox.com/login-background.9f2e4781efb48cb29311.png
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 1920 x 773, 8-bit/color RGBA, non-interlaced\012- data
Size
958 kB (957481 bytes)
Hash
671417d5e65d351ce16ff67696b3da64
5384875c1ed2093529bfdfb853b008be1f5dc1ab
1e00fab9413be8d0230d948175b8a2e3623621f4a83e3632337f7a020974dc12

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /login-background.9f2e4781efb48cb29311.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 957481
date: Sun, 04 Dec 2022 02:10:32 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: "6389995a-e9c29"
accept-ranges: bytes
ali-swift-global-savetime: 1670119832
via: cache20.l2de2[0,0,304-0,H], cache10.l2de2[1,0], cache5.se1[22,23,200-0,H], cache5.se1[27,0]
age: 2990
x-cache: HIT TCP_REFRESH_HIT dirn:11:345184522
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220865155e
X-Firefox-Spdy: h2

cc.chitubox.com/fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0

47.246.44.209

200 OK

77 kB

URL HTTP/2
cc.chitubox.com/fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0 HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cc.chitubox.com/styles.103ede9607ea4095d692.css
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 77160
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: "6389995a-12d68"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache15.l2de2[0,0,304-0,H], cache8.l2de2[0,0], cache4.se1[21,21,200-0,H], cache5.se1[24,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:2:94134646
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228221335173e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/icon.png

47.246.44.209

200 OK

41 kB

URL HTTP/2
cc.chitubox.com/assets/img/icon.png
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 512 x 466, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (41249 bytes)
Hash
b716df96cc1ef83873d0f2cf8c849b0b
ba8e82a82d0738816f4465d8fa7dcdf16c649467
ffe53153b2cf88210904338f3d1854ec359805f35d5bdc439efa94e7ba924c45

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/icon.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/styles.103ede9607ea4095d692.css
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 41249
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-a121"
accept-ranges: bytes
ali-swift-global-savetime: 1670119602
via: cache14.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache8.se1[87,87,200-0,H], cache5.se1[93,0]
age: 3220
x-cache: HIT TCP_REFRESH_HIT dirn:11:15829075
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220865154e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav/what_new.png

47.246.44.209

200 OK

13 kB

URL HTTP/2
cc.chitubox.com/assets/img/nav/what_new.png
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
PNG image data, 290 x 165, 8-bit/color RGB, non-interlaced\012- data
Size
13 kB (12726 bytes)
Hash
051ce0ceddb5576f91d87b37c0fc2e1c
f340cbc359a644638ca9ea9b9ad136d2dc953efc
578d8acf07aac222ab8ac700f95aead6b18a3662dcf712ddcc9d4034f1c5a8a7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav/what_new.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 12726
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-31b6"
accept-ranges: bytes
ali-swift-global-savetime: 1670119602
via: cache1.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache8.se1[23,24,200-0,H], cache5.se1[25,0]
age: 3220
x-cache: HIT TCP_REFRESH_HIT dirn:4:13843082
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228222925226e
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
0d85a45c2e9badfb04568378ac6394ad
f84acb749c7f7fd2bec896acf76ae64adcb2ae1d
279453ff6424ec96efd53843e684d1110c078ec4f2a4226a50b6c9d48352552e

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 03:00:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 08 Dec 2022 01:24:48 GMT
ETag: "f84acb749c7f7fd2bec896acf76ae64adcb2ae1d"
Last-Modified: Sun, 04 Dec 2022 01:24:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1715
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77414a993d86b503-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/sdk.js?hash=29a5ad50c47351cead84479582d6eb4d

31.13.72.12

200 OK

87 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js?hash=29a5ad50c47351cead84479582d6eb4d
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (13192)
Size
87 kB (86894 bytes)
Hash
a199bd3f0adab202788c5bd47bd34414
7d8d4c88fb1e3ccedc265969aa6f8fa1c5660f66
a4d1ff3b3da7dddc6d024319561b760579ce4b839829f36c56e1ada82d8bb6e1

HTTP Headers

GET /en_US/sdk.js?hash=29a5ad50c47351cead84479582d6eb4d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: bc907025f657cd864dd72c117788359a
etag: "d0dd798f9ece4fc5c5b7b2b363ef9667"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 04 Dec 2023 01:18:00 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: oZm9PwrasgJ4jFvUe9NEFA==
x-fb-debug: m+icIYTSJYZqvabW1eEQ+ZWYo8mm61DVbfF+xKy0hJyfpuMXcflmJqbnfNC9Iel7ySIIBsXsmZgQT0CQhF6u4A==
content-length: 86894
x-fb-trip-id: 2050670934
date: Sun, 04 Dec 2022 03:00:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=110698050301469&suppress_http_code=1

31.13.72.8

200 OK

86 B

URL HTTP/2
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=110698050301469&suppress_http_code=1
IP
31.13.72.8:0
ASN
#32934 FACEBOOK

File type
ASCII text, with no line terminators
Size
86 B (86 bytes)
Hash
ac72dada01d1a901d2bba93659954aa7
4a0a3ce2152da5b0863c132b346c5f0bbd0b170e
ae14b15c032c9fd47ea68138fb0ced5f863b844d47255020312a15bad0a72c8f

HTTP Headers

GET /new_domain_gating/?endpoint=customerchat&page_id=110698050301469&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://cc.chitubox.com
x-fb-debug: zLInbY/kZlr2aJjMyVr94ycTi6T4XeGwyXhDi4VQ8oR4FchhOFF7JfwDpMp723U/M2qFATDbxsodrlk+Wvm0PQ==
date: Sun, 04 Dec 2022 03:00:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

chitubox-web-tracking-sz.cn-shenzhen.log.aliyuncs.com/logstores/chitubox-web-tracking-sz-store/track_ua.gif?APIVersion=0.6.0&type=visit&site=home

112.74.122.51

200 OK

43 B

URL HTTP/1.1
chitubox-web-tracking-sz.cn-shenzhen.log.aliyuncs.com/logstores/chitubox-web-tracking-sz-store/track_ua.gif?APIVersion=0.6.0&type=visit&site=home
IP
112.74.122.51:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /logstores/chitubox-web-tracking-sz-store/track_ua.gif?APIVersion=0.6.0&type=visit&site=home HTTP/1.1
Host: chitubox-web-tracking-sz.cn-shenzhen.log.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Date: Sun, 04 Dec 2022 03:00:22 GMT
x-log-time: 1670122822
x-log-requestid: 638C0D460199F235F7DDB65B

fis.cbd-3d.com/chitubox/chitubox/public/cc/language/en.json?t=2022-11

47.246.44.209

200 OK

14 kB

URL HTTP/2
fis.cbd-3d.com/chitubox/chitubox/public/cc/language/en.json?t=2022-11
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (429), with CRLF line terminators
Size
14 kB (14502 bytes)
Hash
c83065138b65108dd3ade3d379fd9b19
a815b1e8f908d8ccb5d22394020347322cc3f5c8
0af709399ed0f641b07c3f2486dbbc3cd8a4445d32774d7fe9062d87d9376bfb

HTTP Headers

GET /chitubox/chitubox/public/cc/language/en.json?t=2022-11 HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: application/json
content-length: 14502
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:41:10 GMT
x-oss-request-id: 638C08C6E67E4F3634D0048B
access-control-allow-origin: https://cc.chitubox.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 1800
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0228C0D6AA735B0F4326E03EB7B05332"
last-modified: Fri, 02 Dec 2022 08:57:14 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13175253431476156251
x-oss-storage-class: Standard
x-oss-meta-real-name: en.json
content-disposition: attachment; filename=en.json
vary: Accept-Encoding
content-md5: AijA1qpzWw9DJuA+t7BTMg==
x-oss-server-time: 45
ali-swift-global-savetime: 1670121670
via: cache5.l2de2[0,0,304-0,H], cache8.l2de2[1,0], cache3.se1[1503,1503,200-0,H], cache5.se1[1506,0]
content-encoding: gzip
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:2:421696010
x-swift-savetime: Sun, 04 Dec 2022 03:00:23 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228218225039e
X-Firefox-Spdy: h2

fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/paypal.svg

47.246.44.209

200 OK

990 B

URL HTTP/2
fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/paypal.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (990), with no line terminators
Size
990 B (990 bytes)
Hash
b746fa26ea89b91e5c50700da2a047b1
e809af3e76933f82eb2fd569385de25819eb90f2
738aea06fc682365e1d9fbc844c3b238f1dcb47f73215d31979ac412f6576402

HTTP Headers

GET //chitubox/chitubox/public/cms/csv/paypal.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 990
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:10:20 GMT
x-oss-request-id: 638C018C647D973538628896
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "B746FA26EA89B91E5C50700DA2A047B1"
last-modified: Fri, 02 Dec 2022 06:32:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12062891127650808518
x-oss-storage-class: Standard
x-oss-meta-real-name: paypal.svg
content-md5: t0b6JuqJuR5cUHANoqBHsQ==
x-oss-server-time: 52
ali-swift-global-savetime: 1670119820
via: cache21.l2de2[0,0,304-0,H], cache10.l2de2[1,0], cache1.se1[0,0,200-0,H], cache2.se1[1,0]
age: 3003
x-cache: HIT TCP_MEM_HIT dirn:4:171944859
x-swift-savetime: Sun, 04 Dec 2022 02:25:06 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9616701228234356289e
X-Firefox-Spdy: h2

fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/Maestro.svg

47.246.44.209

200 OK

633 B

URL HTTP/2
fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/Maestro.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (633), with no line terminators
Size
633 B (633 bytes)
Hash
df0fdfa6704acefbde1f7f634bd4ae58
e748ea377d76f51190e30f85160de753d17b35cc
b32c1ed2753ff845db593063b1cbadb00fbb579cb969e53cfafdb540b7800023

HTTP Headers

GET /chitubox/chitubox/public/cms/csv/Maestro.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 633
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:53:55 GMT
x-oss-request-id: 638C0BC393B01338396545CC
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DF0FDFA6704ACEFBDE1F7F634BD4AE58"
last-modified: Fri, 02 Dec 2022 06:27:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17891802613849730984
x-oss-storage-class: Standard
x-oss-meta-real-name: Maestro.svg
content-md5: 3w/fpnBKzvveH39jS9SuWA==
x-oss-server-time: 42
ali-swift-global-savetime: 1670122435
via: cache14.l2de2[0,0,304-0,H], cache5.l2de2[0,0], cache1.se1[21,21,200-0,H], cache2.se1[22,0]
age: 388
x-cache: HIT TCP_REFRESH_HIT dirn:11:181642672
x-swift-savetime: Sun, 04 Dec 2022 03:00:23 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9616701228234296283e
X-Firefox-Spdy: h2

fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/Mastercard.svg

47.246.44.209

200 OK

634 B

URL HTTP/2
fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/Mastercard.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (634), with no line terminators
Size
634 B (634 bytes)
Hash
12f706c8640a196fd97387f05d7b5c9b
171aa18c076dd80e353fdeab3e64d70ea168846c
0d75303cce76da3abe1dc800402a4591c64f8da39dd4156f72021cbae9b7eacd

HTTP Headers

GET //chitubox/chitubox/public/cms/csv/Mastercard.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 634
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:32:09 GMT
x-oss-request-id: 638C06A911A5983030E39BC5
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "12F706C8640A196FD97387F05D7B5C9B"
last-modified: Fri, 02 Dec 2022 06:28:29 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13160761143435839904
x-oss-storage-class: Standard
x-oss-meta-real-name: Mastercard.svg
content-md5: EvcGyGQKGW/Zc4fwXXtcmw==
x-oss-server-time: 4
ali-swift-global-savetime: 1670121129
via: cache8.l2de2[0,0,304-0,H], cache19.l2de2[1,0], cache1.se1[22,21,200-0,H], cache2.se1[23,0]
age: 1694
x-cache: HIT TCP_REFRESH_HIT dirn:4:171949250
x-swift-savetime: Sun, 04 Dec 2022 03:00:23 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9616701228234326286e
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8285 bytes)
Hash
2c37ed587ee5e3fbdc8cab86ef1345f9
364a32a224b2cacc26b138d57a8945c191e537b1
3c66654da4670e0d5ec87afb6c62f0a420d90875c57b280710f2592269a9303e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8285
x-amzn-requestid: 882c673f-4e3f-4f84-a51d-bbac56f716eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAEWUoAMFWuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-3a2c571d6272b3493ec2a1c5;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DX2amuyEjkaWng9x7x8TknBMeXzYPSW7pimxhVkcwOPPPbKrX0beQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:24 GMT
etag: "364a32a224b2cacc26b138d57a8945c191e537b1"
content-type: image/jpeg
age: 18600
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cc.chitubox.com/1-es2015.ef9b69d7d0a5110b9d35.js

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/1-es2015.ef9b69d7d0a5110b9d35.js
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /1-es2015.ef9b69d7d0a5110b9d35.js HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:10:31 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-22fcf"
ali-swift-global-savetime: 1670119831
via: cache8.l2de2[0,0,304-0,H], cache14.l2de2[1,0], cache5.se1[22,22,200-0,H], cache5.se1[24,0]
age: 2989
x-cache: HIT TCP_REFRESH_HIT dirn:4:350211379
x-swift-savetime: Sun, 04 Dec 2022 03:00:20 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228207204675e
content-encoding: gzip
X-Firefox-Spdy: h2

sac.chitubox.com/software/getMainstreamProduct.do2

47.254.47.204

200 OK

0 B

URL HTTP/2
sac.chitubox.com/software/getMainstreamProduct.do2
IP
47.254.47.204:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /software/getMainstreamProduct.do2 HTTP/1.1
Host: sac.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Cookie: _gcl_au=1.1.1294913482.1670122818; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 03:00:22 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://cc.chitubox.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

cms.chitubox.com/log.do?t=REFERRER_EVENT&o=Linux&l=en&st=pc&bt=Firefox&bv=5.0%20(X11)&ru=&rs=&rd=&tu=/login&ts=?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&ta=https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&other=%7B%22url%22:%22https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do%22%7D

47.254.47.204

200 OK

0 B

URL HTTP/2
cms.chitubox.com/log.do?t=REFERRER_EVENT&o=Linux&l=en&st=pc&bt=Firefox&bv=5.0%20(X11)&ru=&rs=&rd=&tu=/login&ts=?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&ta=https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&other=%7B%22url%22:%22https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do%22%7D
IP
47.254.47.204:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /log.do?t=REFERRER_EVENT&o=Linux&l=en&st=pc&bt=Firefox&bv=5.0%20(X11)&ru=&rs=&rd=&tu=/login&ts=?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&ta=https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&other=%7B%22url%22:%22https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do%22%7D HTTP/1.1
Host: cms.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Cookie: _gcl_au=1.1.1294913482.1670122818; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 03:00:22 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://cc.chitubox.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav/nav_academy_case.svg

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/assets/img/nav/nav_academy_case.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav/nav_academy_case.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-57b"
ali-swift-global-savetime: 1670121789
via: cache1.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache4.se1[23,23,200-0,H], cache5.se1[25,0]
age: 1033
x-cache: HIT TCP_REFRESH_HIT dirn:4:104504337
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220465125e
content-encoding: gzip
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav/nav_support_team.svg

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/assets/img/nav/nav_support_team.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav/nav_support_team.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-623"
ali-swift-global-savetime: 1670121789
via: cache9.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache3.se1[23,23,200-0,H], cache5.se1[24,0]
age: 1033
x-cache: HIT TCP_REFRESH_HIT dirn:1:403421321
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220485127e
content-encoding: gzip
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav/nav_support_affiliate.svg

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/assets/img/nav/nav_support_affiliate.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav/nav_support_affiliate.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-7dc"
ali-swift-global-savetime: 1670121789
via: cache8.l2de2[0,0,304-0,H], cache11.l2de2[1,0], cache5.se1[22,22,200-0,H], cache5.se1[24,0]
age: 1033
x-cache: HIT TCP_REFRESH_HIT dirn:4:347245416
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220495128e
content-encoding: gzip
X-Firefox-Spdy: h2

fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/Visa.svg

47.246.44.209

200 OK

0 B

URL HTTP/2
fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/Visa.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /chitubox/chitubox/public/cms/csv/Visa.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:10:20 GMT
x-oss-request-id: 638C018CE8F77331310BD24B
x-oss-cdn-auth: success
etag: W/"4EC5AAF1F98064F0C8AC99446EE42D52"
last-modified: Fri, 02 Dec 2022 06:26:33 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13827437326930840265
x-oss-storage-class: Standard
x-oss-meta-real-name: Visa.svg
content-md5: TsWq8fmAZPDIrJlEbuQtUg==
x-oss-server-time: 20
ali-swift-global-savetime: 1670119820
via: cache9.l2de2[0,0,304-0,H], cache12.l2de2[0,0], cache2.se1[0,0,200-0,H], cache2.se1[2,0]
age: 3003
x-cache: HIT TCP_MEM_HIT dirn:6:462477806
x-swift-savetime: Sun, 04 Dec 2022 02:25:06 GMT
x-swift-cachetime: 3600
content-encoding: br
timing-allow-origin: *
eagleid: 2ff62c9616701228234186278e
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav/nav_academy_tutorial.svg

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/assets/img/nav/nav_academy_tutorial.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav/nav_academy_tutorial.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:08 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-6a4"
ali-swift-global-savetime: 1670121788
via: cache8.l2de2[0,0,304-0,H], cache20.l2de2[1,0], cache8.se1[22,21,200-0,H], cache5.se1[23,0]
age: 1034
x-cache: HIT TCP_REFRESH_HIT dirn:4:10956807
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220445123e
content-encoding: gzip
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav/nav_academy_advanced.svg

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/assets/img/nav/nav_academy_advanced.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav/nav_academy_advanced.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:08 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-5fa"
ali-swift-global-savetime: 1670121788
via: cache3.l2de2[0,0,304-0,H], cache17.l2de2[1,0], cache3.se1[23,23,200-0,H], cache5.se1[25,0]
age: 1034
x-cache: HIT TCP_REFRESH_HIT dirn:1:403421323
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220455124e
content-encoding: gzip
X-Firefox-Spdy: h2

cc.chitubox.com/assets/img/nav/nav_support_manuals.svg

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/assets/img/nav/nav_support_manuals.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/nav/nav_support_manuals.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-7f4"
ali-swift-global-savetime: 1670121789
via: cache15.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache3.se1[22,21,200-0,H], cache5.se1[23,0]
age: 1033
x-cache: HIT TCP_REFRESH_HIT dirn:2:418656983
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220475126e
content-encoding: gzip
X-Firefox-Spdy: h2

cc.chitubox.com/runtime-es2015.041759085d3e9482cd6e.js

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/runtime-es2015.041759085d3e9482cd6e.js
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /runtime-es2015.041759085d3e9482cd6e.js HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: W/"6389995a-9c7"
ali-swift-global-savetime: 1670119602
via: cache25.l2de2[0,0,304-0,H], cache8.l2de2[0,0], cache5.se1[23,23,200-0,H], cache5.se1[29,0]
age: 3217
x-cache: HIT TCP_REFRESH_HIT dirn:11:354543902
x-swift-savetime: Sun, 04 Dec 2022 03:00:19 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228198404235e
content-encoding: gzip
X-Firefox-Spdy: h2

fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/AMEX.svg

47.246.44.209

200 OK

0 B

URL HTTP/2
fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/AMEX.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /chitubox/chitubox/public/cms/csv/AMEX.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:10:20 GMT
x-oss-request-id: 638C018CE5E9AB363009E45C
x-oss-cdn-auth: success
etag: W/"75DD3FE3FC585FC43CA06129AA1EC5BE"
last-modified: Fri, 02 Dec 2022 06:24:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5448396767152452691
x-oss-storage-class: Standard
x-oss-meta-real-name: AMEX.svg
content-md5: dd0/4/xYX8Q8oGEpqh7Fvg==
x-oss-server-time: 22
ali-swift-global-savetime: 1670119820
via: cache5.l2de2[0,0,304-0,H], cache23.l2de2[0,0], cache3.se1[0,0,200-0,H], cache2.se1[0,0]
age: 3003
x-cache: HIT TCP_MEM_HIT dirn:1:406391694
x-swift-savetime: Sun, 04 Dec 2022 02:25:06 GMT
x-swift-cachetime: 3600
content-encoding: br
timing-allow-origin: *
eagleid: 2ff62c9616701228234256282e
X-Firefox-Spdy: h2

cc.chitubox.com/main-es2015.bec17842e18155af5593.js

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/main-es2015.bec17842e18155af5593.js
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /main-es2015.bec17842e18155af5593.js HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:10:30 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: W/"6389995a-266701"
ali-swift-global-savetime: 1670119830
via: cache14.l2de2[0,0,304-0,H], cache20.l2de2[0,0], cache2.se1[88,89,200-0,H], cache5.se1[91,0]
age: 2989
x-cache: HIT TCP_REFRESH_HIT dirn:6:454108739
x-swift-savetime: Sun, 04 Dec 2022 03:00:19 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228198414237e
content-encoding: gzip
X-Firefox-Spdy: h2

manychat.com/pixel/logEvent

18.185.191.84

200 OK

0 B

URL HTTP/2
manychat.com/pixel/logEvent
IP
18.185.191.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /pixel/logEvent HTTP/1.1
Host: manychat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 408
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 04 Dec 2022 03:00:21 GMT
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: Tengine
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 03:00:19 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: W/"6389995a-9ad"
ali-swift-global-savetime: 1670122819
via: cache4.l2de2[2746,2745,200-0,M], cache17.l2de2[2747,0], cache3.se1[4271,4271,200-0,M], cache5.se1[4274,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sun, 04 Dec 2022 03:00:19 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228154652260e
content-encoding: gzip
X-Firefox-Spdy: h2

cc.chitubox.com/polyfills-es2015.f955ee086c41edabf52d.js

47.246.44.209

200 OK

0 B

URL HTTP/2
cc.chitubox.com/polyfills-es2015.f955ee086c41edabf52d.js
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /polyfills-es2015.f955ee086c41edabf52d.js HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:41:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: W/"6389995a-9081"
ali-swift-global-savetime: 1670121666
via: cache2.l2de2[0,0,304-0,H], cache1.l2de2[0,0], cache2.se1[23,24,200-0,H], cache5.se1[28,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:11:5565473
x-swift-savetime: Sun, 04 Dec 2022 03:00:19 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228198414236e
content-encoding: gzip
X-Firefox-Spdy: h2

fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/unionpay.svg

47.246.44.209

200 OK

0 B

URL HTTP/2
fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/unionpay.svg
IP
47.246.44.209:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //chitubox/chitubox/public/cms/csv/unionpay.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:32:09 GMT
x-oss-request-id: 638C06A9647D973439A9E8C2
x-oss-cdn-auth: success
etag: W/"8A10AEFC7295216C338BA4E1224627A1"
last-modified: Fri, 02 Dec 2022 06:29:45 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 311633489719995761
x-oss-storage-class: Standard
x-oss-meta-real-name: unionpay.svg
content-md5: ihCu/HKVIWwzi6ThIkYnoQ==
x-oss-server-time: 18
ali-swift-global-savetime: 1670121129
via: cache12.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache7.se1[23,23,200-0,H], cache2.se1[25,0]
age: 1694
x-cache: HIT TCP_REFRESH_HIT dirn:3:426383623
x-swift-savetime: Sun, 04 Dec 2022 03:00:23 GMT
x-swift-cachetime: 3600
content-encoding: br
timing-allow-origin: *
eagleid: 2ff62c9616701228234326287e
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations