| www.nongchai.cn/common.js | 172.67.146.143 | 200 OK | 101 kB |
URL: GET HTTP/3 www.nongchai.cn/common.js; IP: 172.67.146.143:443
Certificate: Issuer: Google Trust Services LLC; Subject: nongchai.cn; Fingerprint: 3F:60:A7:A1:D0:02:4C:C1:98:09:4A:42:F3:87:29:2C:D4:81:93:E9; Validity: Tue, 23 Apr 2024 04:04:14 GMT - Mon, 22 Jul 2024 04:04:13 GMT
File type: JavaScript source, ASCII text, with very long lines (448), with CRLF line terminators; Size: 101 kB (101389 bytes); Hash: 02669525c230ca0c28fbbf85e5ad530c / d995f84705a31aac7c3b05809dc5519b403c288f / 2db4c1bb3b4f1c4aa4b28d91460f918d33a9ed9847b49142e8852f0d62a04ce6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /common.js HTTP/1.1
Host: www.nongchai.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nongchai.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:56:05 GMT
content-type: application/x-javascript
cache-control: max-age=300
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 23:56:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75biLj7uYDPgGx87eP7z9y2gL3fYkeEnfDZIB5bSrHQ0k2K%2FXwD7hlPqR9jtG8FPgE2kKP%2FEvkSCn0zjUosUgAEfyEjzvZs5btYaMey7a8YECMJOexWqAzuYCWQ9PDg7IG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a244853b28b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| www.googletagmanager.com/gtag/js?id=G-M4H1B2YFY4 | 142.250.74.72 | 200 OK | 101 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-M4H1B2YFY4; IP: 142.250.74.72:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945); Size: 101 kB (100608 bytes); Hash: c180bae1d4cebdcb693f2da8d7e852d5 / 48bbbfb5de4eed44d23c794969b797c548139fa6 / 3e912e71777b95e76dd32d83514f2606e507be14de119eff6a2c138cf7779ff5
GET /gtag/js?id=G-M4H1B2YFY4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nongchai.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:56:05 GMT
expires: Thu, 25 Apr 2024 23:56:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtag/js?id=G-M4H1B2YFY4&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 100 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-M4H1B2YFY4&l=dataLayer&cx=c; IP: 142.250.74.72:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945); Size: 100 kB (100511 bytes); Hash: f6e8e6fa5efe758c9976292b9916672c / db462ea6cec08e53a7808336c11899eb0c2702f1 / b90b34f361273a210af1e065de485ef4ec8bf5c6ce306a14ab63070f5f519e47
GET /gtag/js?id=G-M4H1B2YFY4&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nongchai.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:56:05 GMT
expires: Thu, 25 Apr 2024 23:56:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100511
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.nongchai.cn/ | 103.235.46.40 | 200 OK | 0 B |
URL: GET HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.nongchai.cn/; IP: 103.235.46.40:443; ASN: #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate: Issuer: GlobalSign nv-sa; Subject: baidu.com; Fingerprint: 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF; Validity: Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.nongchai.cn/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nongchai.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 25 Apr 2024 23:56:08 GMT
| www.nongchai.cn/favicon.ico | 172.67.146.143 | 200 OK | 9.9 kB |
URL: GET HTTP/3 www.nongchai.cn/favicon.ico; IP: 172.67.146.143:443
Certificate: Issuer: Google Trust Services LLC; Subject: nongchai.cn; Fingerprint: 3F:60:A7:A1:D0:02:4C:C1:98:09:4A:42:F3:87:29:2C:D4:81:93:E9; Validity: Tue, 23 Apr 2024 04:04:14 GMT - Mon, 22 Jul 2024 04:04:13 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators; Hash: 9ac85f64474b47b578a4aac635bd3f7b / c6aa97043b24433d7c1a25a3c53e41c4ce236df8 / 09960f979de62b99cad3a6531f21cc81298f38b0b29aaa85cb45c0302bf33710
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: www.nongchai.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nongchai.cn/
Cookie: _ga_LBYR07G9F3=GS1.1.1714089365.1.0.1714089365.0.0.0; _ga=GA1.1.442197340.1714089366; _ga_M4H1B2YFY4=GS1.1.1714089365.1.0.1714089365.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:56:06 GMT
content-type: text/html
cache-control: max-age=300
cf-cache-status: HIT
age: 1
last-modified: Thu, 25 Apr 2024 23:56:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O71Mu4a3UFG9EbApSEGJr%2Bzl6zDS19VWOnVM2TfNPhV2LeZ%2B204Qy6ZM0Q68bcYRsOWF0GkY1rJk8GU3cmPc9Be96%2BJ1avB%2FKlN3ny4c42foge7bFsDpntuP8dkgyldrAmA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a2448a5d6cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| zz.bdstatic.com/linksubmit/push.js | 58.254.150.48 | 200 OK | 308 B |
URL: GET HTTP/2 zz.bdstatic.com/linksubmit/push.js; IP: 58.254.150.48:443; ASN: #136958 China Unicom Guangdong IP network
Certificate: Issuer: GlobalSign nv-sa; Subject: baidu.com; Fingerprint: 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF; Validity: Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type: ASCII text, with very long lines (322), with no line terminators; Hash: a498658e3623a4285649fd750e8e7f17 / 03f671b76709d9ecadce4a82348c852b6a1d5149 / 399125132825b666ee5d39bf0849d027d2ca21783be029cb001673f86579dd8a
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nongchai.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 25 Apr 2024 23:56:06 GMT
content-type: application/x-javascript
last-modified: Fri, 19 Apr 2024 08:50:31 GMT
etag: "66223057-134"
cache-control: max-age=86400
content-encoding: br
age: 50666
accept-ranges: bytes
tracecode: 31001119840259362570042517
ohc-global-saved-time: Thu, 25 Apr 2024 09:51:40 GMT
ohc-cache-hit: gz3un57 [2], zhuzuncache55 [1]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
| | 172.67.146.143 | 200 OK | 748 B |
URL: (user request) GET HTTP/2; IP: 172.67.146.143:443
Certificate: Issuer: Google Trust Services LLC; Subject: nongchai.cn; Fingerprint: 3F:60:A7:A1:D0:02:4C:C1:98:09:4A:42:F3:87:29:2C:D4:81:93:E9; Validity: Tue, 23 Apr 2024 04:04:14 GMT - Mon, 22 Jul 2024 04:04:13 GMT
File type: JavaScript source, ASCII text, with very long lines (814), with no line terminators; Hash: d50c1c0bb000eb1afe7e986d3479c615 / 5bc94f2f666e9f8bae3d5d3212f9830b3189bed4 / 3cdd10ca3b5ef3ab26731e915bf935764abbcdb17c112ab9efac4da93ffbb598
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.nongchai.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:56:05 GMT
content-type: text/html
cache-control: max-age=300
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 23:56:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGWau5MBtoHpDNV%2B96j9ClIkQY3r6PxB5%2Fg5p7oyyaj0Jorqlj4YVsQOffkSF4g8KLj2G6zsa5LbjuA1S0UvDLMOGjtKjtCBYnFk9YBOi33G0Jvnd7Gt3k5sXMPum2zS0yw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a244820b92712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| www.nongchai.cn/tj.js | 172.67.146.143 | 200 OK | 928 B |
IP: 172.67.146.143:443
Certificate: Issuer: Google Trust Services LLC; Subject: nongchai.cn; Fingerprint: 3F:60:A7:A1:D0:02:4C:C1:98:09:4A:42:F3:87:29:2C:D4:81:93:E9; Validity: Tue, 23 Apr 2024 04:04:14 GMT - Mon, 22 Jul 2024 04:04:13 GMT
File type: JavaScript source, ASCII text, with very long lines (990), with no line terminators; Hash: 165c12be8c85ac76f673825e966d941c / 5544e47d1ed6f05694e27e3bd25664c9c46a8b0a / 841e1e873caab1e50c9d373f1736034e51230626b6bfe4b04e5217253435af7f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /tj.js HTTP/1.1
Host: www.nongchai.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nongchai.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:56:05 GMT
content-type: application/x-javascript
cache-control: max-age=300
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 23:56:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SIUtz95uLIgxTyE%2Fq2SMgqCyU4XHQ4Vy2Sl8xEjm8IuPgx%2BOCixrb4ouCoNDmt6MMGYhxHxykvjDpd1PoWp1cPYqBxmPlLn6gtr%2B9dMKFEe8%2BFgsPtpJ5nGFkqpOPi2rW8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a244853b2ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| www.googletagmanager.com/gtag/js?id=G-LBYR07G9F3 | 142.250.74.72 | 200 OK | 302 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-LBYR07G9F3; IP: 142.250.74.72:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945); Size: 302 kB (301577 bytes); Hash: b76c06ec7840500d076b376ce47d5e76 / de086d6cbe028d128274cba63c4edc2ec46b8471 / 06b9143aef001109c54cf06edb5a30ef5b11667a549af7ecbd2f121d9d2aa437
GET /gtag/js?id=G-LBYR07G9F3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nongchai.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 23:56:05 GMT
expires: Thu, 25 Apr 2024 23:56:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100662
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2