Report - njwatech.com/

Report Overview

URL

njwatech.com/
IP

154.212.232.221

ASN

#133201 ABCDE GROUP COMPANY LIMITED
Submitted

2023-01-24T21:45:13Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
njwatech.com (17)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5903	197901	154.212.232.221
fxsjcj.kaipuyun.cn (1)	165337	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	295	17166	114.55.100.5
r3.o.lencr.org (7)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2366	6204	23.36.76.226
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	391	34.117.237.239
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3246	62123	34.120.237.76
ta.trs.cn (1)	285723	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	279	9920	120.53.131.129
pucha.kaipuyun.cn (1)	154134	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	286	386	121.43.68.40
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2373	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5856	34.160.144.191
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	52.88.113.219

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-24	medium	trs.cn	Sinkholed

ThreatFox

No alerts detected

HTTP Transactions (38)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

04512fea22644dc0d22c3f3a665f6645

0e213646abfc6d9560ba562362fd9e9115be8354

124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2951
Expires: Tue, 24 Jan 2023 22:34:12 GMT
Date: Tue, 24 Jan 2023 21:45:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

f416977a8d6dfaafb2dbfd0e68b871f8

dfa97bd829b03162de91c80133f2fde69b58a8d2

2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12236
Expires: Wed, 25 Jan 2023 01:08:57 GMT
Date: Tue, 24 Jan 2023 21:45:01 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

bf0c602d32b3c14606f22a86183b5e3c

6eabd8d83475eba731968abe1a05a8bfd272f160

6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 21:35:07 GMT
content-type: application/json
age: 594
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6cd4f1da1215c7473500807c185f2449

b14db0c67cf1f5faf85648ed8f94baf2dd03808b

9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5795
Expires: Tue, 24 Jan 2023 23:21:36 GMT
Date: Tue, 24 Jan 2023 21:45:01 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: X9wPvhkxRwBpBNJhaaFsi64HRC0y1tSA+rrBcPJWNRT+X89HkMMzuEBrhAkbYlQzOzp1BmKpdjyoErjAipSCLg==
x-amz-request-id: QGZ2QAB4V1WMPWS9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 21:19:25 GMT
age: 1536
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:45:01 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 21:17:31 GMT
age: 1650
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

c398b6b39d11d25b8ae9bc5cd94a1c98

640aa8c399ced71d0c2a9f5a90fbaf091b01d642

a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17883
Expires: Wed, 25 Jan 2023 02:43:04 GMT
Date: Tue, 24 Jan 2023 21:45:01 GMT
Connection: keep-alive

push.services.mozilla.com/

52.88.113.219

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

52.88.113.219:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IXn4usoe9F2C1RukExdw0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ql1Q4dC2Z42LoHpLYJmo15ClHjA=

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

d5528af26e629a9bfbf0c421146b921f

1e4f99245d551384bedfe9b59b5f9905127d87bf

989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9442
Expires: Wed, 25 Jan 2023 00:22:25 GMT
Date: Tue, 24 Jan 2023 21:45:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

d5528af26e629a9bfbf0c421146b921f

1e4f99245d551384bedfe9b59b5f9905127d87bf

989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9442
Expires: Wed, 25 Jan 2023 00:22:25 GMT
Date: Tue, 24 Jan 2023 21:45:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

d5528af26e629a9bfbf0c421146b921f

1e4f99245d551384bedfe9b59b5f9905127d87bf

989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9442
Expires: Wed, 25 Jan 2023 00:22:25 GMT
Date: Tue, 24 Jan 2023 21:45:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg

34.120.237.76

200 OK

12907

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

12907
Hash

16d9c0855b43a6c2351cb450187948e2

7208e2e4beb739ae9aded4a207d48cb3572fad5f

92b0423b09aa653ec7326d0aa05dbe137ba452ef21f118c7eb6499a8ccecc8fd

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 12907
x-amzn-requestid: c9f9a619-f0e1-4bc4-af2a-796b16aa1250
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFqF-lIAMFXIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-625e4bab03baa979605f13f8;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kPx_xJAOsrYKWFcHe6JlWILe3jbBtqFuOphGjZALwy4xJC3F2vE2Xw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:57:33 GMT
age: 85650
etag: "7208e2e4beb739ae9aded4a207d48cb3572fad5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7642

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

7642
Hash

deb690b8f5503bf4bcf424e58ddb6b8c

eb96120190e3a5c286ac5ec51ee8b163540377fd

c762b17d3e43d773966490d1186ebc352a78d47781c77a4f048e32fee9732b7d

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: 3f4482cf-98a5-420e-abe7-17fd2d214da0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyxIF3aIAMFWoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6d-0c1838dc7b4ab4650d54ee56;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RI2PzIKXk_H09T20cGoqTCC1WdRp3S5N6TOBX_lIcEk8wYaCIfCPJw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:08:04 GMT
age: 85019
etag: "eb96120190e3a5c286ac5ec51ee8b163540377fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8308

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

8308
Hash

91b2e12a39dc4f63b9d52e8800cce1f2

42d5b4b4a091778d98c351f0002d8656449d0243

d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:59:05 GMT
age: 85558
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4381

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

4381
Hash

462fc1946b8dbae49aa3cf22291fc707

400c6dc7973b36a5d3e43cc3b439da49ab6c76b5

88e13373963e8427baa4cdf19909eb297aafe035ec0376cbed6d4f4fa45dbd32

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 4381
x-amzn-requestid: 528fddee-8bac-466a-8f82-3d5bffab7ca4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFpFghoAMFSPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-63f97c8409b808910ce8f50a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: USeM1Ot6q0_lK_EdmyYfmyH-Aklt_yek7fg9ayjlDCPS9KobKbHCjA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:59 GMT
age: 85684
etag: "400c6dc7973b36a5d3e43cc3b439da49ab6c76b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11918

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

11918
Hash

4cb7be12333fa7ea3353901b4b3215af

4b758cc432874384f330568177eef5a328d7e69a

d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OsitP8LhrabAIbfq-ZTMmpJfnfvttYGad42iE3obktcRneUqbBHlpw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 03:59:27 GMT
age: 63936
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10594

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

10594
Hash

3172dcbfc344029f09fec71cfa869af7

1a45d9e39cb8a2fcf5cb06bbfcf0194f1eaff2ad

e818325e9a7a516912bba892f0ff7377ee0a60d0a38afbbc7f41f8f5d7857a07

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: 25119c89-8b57-4f78-ba4d-6181a565fc55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrOG_VIAMF15w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-5f7fde965860cba74a51ddbf;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZM3fGgrP1P7ju8-1AFIahWbbTgZaAu3mCZyN9m_g_rw6rWHeldJhmQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:19:21 GMT
etag: "1a45d9e39cb8a2fcf5cb06bbfcf0194f1eaff2ad"
content-type: image/jpeg
age: 84342
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

njwatech.com/images/yidongduan.js

154.212.232.221

200 OK

1155

URL HTTP/1.1

njwatech.com/images/yidongduan.js
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ISO-8859 text, with CRLF, LF line terminators

Size

1155
Hash

0bca2b764f39066ae02c6347ac4d1545

bbc1fe79a60845353d8f7ae950baf09c2659c95b

621970d6a9d8febac7ae655b93e98290776e2c94890afed84fe85459cc5dbc0f

HTTP Headers

                                        GET /images/yidongduan.js HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 03 Aug 2021 06:37:37 GMT
Accept-Ranges: bytes
ETag: "dc9accc3288d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:00 GMT
Content-Length: 1155

njwatech.com/1.js

154.212.232.221

200 OK

5755

URL HTTP/1.1

njwatech.com/1.js
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ISO-8859 text, with very long lines (5755), with no line terminators

Size

5755
Hash

7221be3f1cb32584071885697fa7e13c

de0c5b374a310dd60f41bbdc7bed126456155d3c

81a6705ec56809501ef48ec51e4e9b7dc6d0b3a542efb3ffa006f432a222b54e

HTTP Headers

                                        GET /1.js HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Thu, 12 Jan 2023 11:42:36 GMT
Accept-Ranges: bytes
ETag: "80b38af77a26d91:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:00 GMT
Content-Length: 5755

njwatech.com/images/base_yidong.css

154.212.232.221

200 OK

3520

URL HTTP/1.1

njwatech.com/images/base_yidong.css
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ISO-8859 text

Size

3520
Hash

3233422b16caede727e9c783bb5ac0d5

2ea9c9c2ff7419c5a23b0afe56f1a41c65450a9c

734827395fee737d001d8688e357ba4e8fe3a1835ca4c00ca1ec9d56db849db7

HTTP Headers

                                        GET /images/base_yidong.css HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 03 Aug 2021 06:37:23 GMT
Accept-Ranges: bytes
ETag: "48368d43288d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:00 GMT
Content-Length: 3520

njwatech.com/images/jquery.hwSlider.min.js

154.212.232.221

200 OK

3889

URL HTTP/1.1

njwatech.com/images/jquery.hwSlider.min.js
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

HTML document, ISO-8859 text, with very long lines (3835), with CRLF line terminators

Size

3889
Hash

a1a86dd17709b9b2dfa520076ec96e81

75e91cd4869e767e812428c7581d3667e06bcfbf

cb6d787299207cf3b75277d1c070a63d0419cdc2474320184e6e9f89cfeeb899

HTTP Headers

                                        GET /images/jquery.hwSlider.min.js HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Thu, 05 Aug 2021 05:03:39 GMT
Accept-Ranges: bytes
ETag: "24d1341b789d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:00 GMT
Content-Length: 3889

fxsjcj.kaipuyun.cn/count/10002896/10002896.js

China Hangzhou Alibaba Advertising Co.,Ltd.

114.55.100.5

200 OK

16819

URL HTTP/1.1

fxsjcj.kaipuyun.cn/count/10002896/10002896.js
IP

114.55.100.5:0
ASN

#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Magic

ASCII text, with very long lines (37978), with no line terminators

Size

16819
Hash

72722a593dd738d02f5ddf13fc102ef1

a33d95005e93cef18a9654e1420d5c254e75a9b6

bbb16fb226b9c350cb9e11b83b2d00376fa02c7dafcf73102496938cb17f456f

HTTP Headers

                                        GET /count/10002896/10002896.js HTTP/1.1
Host: fxsjcj.kaipuyun.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:45:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Oct 2019 08:23:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5db15f67-945a"
Expires: Wed, 25 Jan 2023 09:45:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

njwatech.com/images/index_yidong.css

154.212.232.221

200 OK

16785

URL HTTP/1.1

njwatech.com/images/index_yidong.css
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

assembler source, ISO-8859 text

Size

16785
Hash

976d5f34e4d6db1db6da710cf764f930

9edd6e2cb0e604e692b513420bf2327c6a2c8e7f

2847a7edaa8798b64e46223237fba4dc7ff67df8aa4e65b4818c1b2804df5599

HTTP Headers

                                        GET /images/index_yidong.css HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 05 Aug 2021 05:03:34 GMT
Accept-Ranges: bytes
ETag: "34d7543eb789d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:01 GMT
Content-Length: 16785

njwatech.com/images/swiper.min.css

154.212.232.221

200 OK

17216

URL HTTP/1.1

njwatech.com/images/swiper.min.css
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ASCII text, with very long lines (16914)

Size

17216
Hash

e24628d798d1b0043f10a0e423ec7ce7

1d802f842351c7c2b53585641e4b288050845352

6b6bf68b59a71f79863bf3b342b6dba38c2dbb76814deea82250c513517ddb19

HTTP Headers

                                        GET /images/swiper.min.css HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 03 Aug 2021 08:38:09 GMT
Accept-Ranges: bytes
ETag: "268d3de34288d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:01 GMT
Content-Length: 17216

njwatech.com/images/base0809.css

154.212.232.221

200 OK

10498

URL HTTP/1.1

njwatech.com/images/base0809.css
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ISO-8859 text

Size

10498
Hash

cda557108962208583c23f1f9e52da30

b29a448197143df69848f2821c16c362fa7b5b32

136b5ec6b8f0af50326e6b64f5c776cbdfb84f3af5a9a1ab52740cf938008b09

HTTP Headers

                                        GET /images/base0809.css HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 03 Aug 2021 06:37:32 GMT
Accept-Ranges: bytes
ETag: "fe46a393288d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:01 GMT
Content-Length: 10498

njwatech.com/images/respond.src.js

154.212.232.221

200 OK

9006

URL HTTP/1.1

njwatech.com/images/respond.src.js
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

HTML document, ASCII text, with very long lines (341)

Size

9006
Hash

0de406667240b043de45371eabcefee2

fdee21775149c382baed2e924070a930477b373e

1886dab0873d40edcb0d00caa8afee15d700ce8a756d9db05e9f586686ac816e

HTTP Headers

                                        GET /images/respond.src.js HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 03 Aug 2021 06:37:37 GMT
Accept-Ranges: bytes
ETag: "fcbed3c3288d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:02 GMT
Content-Length: 9006

njwatech.com/images/ztabs_index0719.css

154.212.232.221

200 OK

657

URL HTTP/1.1

njwatech.com/images/ztabs_index0719.css
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ISO-8859 text, with CRLF line terminators

Size

657
Hash

1a9034d93cfc3a69a509787a6518052b

8f59690f94ffca57c98e08d4f14cff095fc6f8c6

0b00867662d33c3ab175804cd10c47fc6aae9a29ca3e69c8b47cd9e12322aca1

HTTP Headers

                                        GET /images/ztabs_index0719.css HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 05 Aug 2021 12:35:11 GMT
Accept-Ranges: bytes
ETag: "d4c01d55f689d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:02 GMT
Content-Length: 657

njwatech.com/images/nyb_calendar.js

154.212.232.221

200 OK

9543

URL HTTP/1.1

njwatech.com/images/nyb_calendar.js
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ISO-8859 text, with very long lines (705), with CRLF line terminators

Size

9543
Hash

246c408d1ae327ea9bde43c647275e88

742a1784b899cac191c44c8d83ffb4c7f2973a25

f9789443ad7dc19a19c15650b85907a7f794040a8614a9180890e3d19f9e0fed

HTTP Headers

                                        GET /images/nyb_calendar.js HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 03 Aug 2021 06:26:34 GMT
Accept-Ranges: bytes
ETag: "489a52813088d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:02 GMT
Content-Length: 9543

njwatech.com/images/index0801.css

154.212.232.221

200 OK

23066

URL HTTP/1.1

njwatech.com/images/index0801.css
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

assembler source, ISO-8859 text

Size

23066
Hash

af29172b1e3e466ad3682c4295ced8ca

8e2efada8c0e68fc631b2f81a1c64849118c0c55

f6aa71b8696ba362c0ccf9ce70d19d66693898df40449d3798ee7df9985707d8

HTTP Headers

                                        GET /images/index0801.css HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 05 Aug 2021 05:03:38 GMT
Accept-Ranges: bytes
ETag: "34d98140b789d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:02 GMT
Content-Length: 23066

njwatech.com/images/jquery-1.12.3.min.js

154.212.232.221

200 OK

86341

URL HTTP/1.1

njwatech.com/images/jquery-1.12.3.min.js
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ASCII text, with very long lines (32034)

Size

86341
Hash

d0212568ce69457081dacf84e327fa5c

d6702a1af0378b2342f6a0692e77c169f580aed7

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

HTTP Headers

                                        GET /images/jquery-1.12.3.min.js HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 03 Aug 2021 06:37:37 GMT
Accept-Ranges: bytes
ETag: "5a15c3c3288d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:00 GMT
Content-Length: 86341

njwatech.com/images/webdig.js

154.212.232.221

200 OK

414

URL HTTP/1.1

njwatech.com/images/webdig.js
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ASCII text, with CRLF line terminators

Size

414
Hash

5d51b7b90641408a245eb85b5030d3d8

9378b8c38e032f6984948499bc7b7f035a374bba

e13b9e49d9f60ad62b61f59a832ccf52d5d9d6ad8b3efdf7850dab45328b3675

HTTP Headers

                                        GET /images/webdig.js HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 03 Aug 2021 06:37:37 GMT
Accept-Ranges: bytes
ETag: "fab3c0c3288d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:02 GMT
Content-Length: 414

njwatech.com/images/logo-small.png

154.212.232.221

200 OK

1255

URL HTTP/1.1

njwatech.com/images/logo-small.png
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data

Size

1255
Hash

6932c0f2d746c863f72d8bb0217baed8

4fa137aff8a48cfc97a0b35d1dad2fd84693d3be

c62ae2a29c39d47bc4c1755e35da06f606467a92497599db49998a43a34ecf1b

HTTP Headers

                                        GET /images/logo-small.png HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 05 Aug 2021 05:03:38 GMT
Accept-Ranges: bytes
ETag: "da98b840b789d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:02 GMT
Content-Length: 1255

njwatech.com/images/esdToolsInit.js

154.212.232.221

200 OK

4503

URL HTTP/1.1

njwatech.com/images/esdToolsInit.js
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

ASCII text, with CRLF line terminators

Size

4503
Hash

dffba995131f21941d0b203eabd1a4d7

a7ee3272a0f331d935ade7a194e30497d8c7cdc5

885d205bff85c02e4ce14c8132e753c07d18b4fb0f0094cbea63489ebd30852d

HTTP Headers

                                        GET /images/esdToolsInit.js HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Sat, 09 Oct 2021 08:39:09 GMT
Accept-Ranges: bytes
ETag: "796ebe20e9bcd71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:02 GMT
Content-Length: 4503

njwatech.com/images/rxdh_20220415.png

154.212.232.221

200 OK

URL HTTP/1.1

njwatech.com/images/rxdh_20220415.png
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /images/rxdh_20220415.png HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/
Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG

                                        HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 08 May 2022 07:40:20 GMT
Accept-Ranges: bytes
ETag: "2c4763deae62d81:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:03 GMT
Content-Length: 0

ta.trs.cn/c/js/ta.js?mpid=299

China Shenzhen Tencent Computer Systems Company Limited

120.53.131.129

200 OK

9606

URL HTTP/1.1

ta.trs.cn/c/js/ta.js?mpid=299
IP

120.53.131.129:0
ASN

#45090 Shenzhen Tencent Computer Systems Company Limited

Magic

ASCII text, with very long lines (875)

Size

9606
Hash

5b81716a70ad0ea38b55aba6436cc45b

1a7b89fad2976de71a8b0534a6324c7a670a12f2

bf1397a3a53ea704dc0e6cb79e76c77e5714b9ac570794544380a0c32c280021

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

                                        GET /c/js/ta.js?mpid=299 HTTP/1.1
Host: ta.trs.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/

                                        HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 21:45:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.22.0
Last-Modified: Mon, 18 Jul 2022 03:19:10 GMT
Vary: Accept-Encoding
ETag: W/"62d4d12e-68fd"
Cache-Control: max-age=14400
Content-Encoding: gzip

pucha.kaipuyun.cn/exposure/jiucuo.js

121.43.68.40

301 Moved Permanently

169

URL HTTP/1.1

pucha.kaipuyun.cn/exposure/jiucuo.js
IP

121.43.68.40:0
ASN

#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Magic

HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

Size

169
Hash

df0248787061e6fc84fdc2672b55e81c

8241a4bf7b826be86cef3dbe9d71a301d972e00c

251013ac668df8dad10bd4406d9616d87e61da64c4dc9c551331a217b1abf70f

HTTP Headers

                                        GET /exposure/jiucuo.js HTTP/1.1
Host: pucha.kaipuyun.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njwatech.com/

                                        HTTP/1.1 301 Moved Permanently
Server: nginx/1.16.0
Date: Tue, 24 Jan 2023 21:45:09 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://zfwzgl.www.gov.cn/exposure/jiucuo.js

njwatech.com/

154.212.232.221

200 OK

URL HTTP/1.1

njwatech.com/
IP

154.212.232.221:0
ASN

#133201 ABCDE GROUP COMPANY LIMITED

Magic

Size

0
Hash

HTTP Headers

                                        GET / HTTP/1.1
Host: njwatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; Charset=gb2312
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDQASSRQAT=DHHJPANDMCBKHJFEJKEILPDG; path=/
X-Powered-By: ASP.NET
Date: Tue, 24 Jan 2023 21:45:00 GMT
Connection: close

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

#1 JS:Script (size: 5801)

#2 JS:Script (size: 37978)

#3 JS:Script (size: 9839)

#4 JS:Script (size: 86341)

#5 JS:Script (size: 187)

#6 JS:Script (size: 9006)

#7 JS:Script (size: 460)

#8 JS:Script (size: 632)

#9 JS:Script (size: 1810)

#10 JS:Script (size: 529)

#1 JS:Write (size: 25)

#2 JS:Write (size: 0)

#3 JS:Write (size: 12)

#4 JS:Write (size: 142)

HTTP Transactions (38)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash